Home » CenturyLink » Currently Reading:

Gone Phishing: Hackers Target CenturyLink With Authentic Looking Customer Portal Website – Customers Beware

Phillip Dampier February 11, 2010 CenturyLink No Comments

CenturyLink customers should exercise caution in responding to e-mail links to CenturyLink’s online account portal.  Hackers have meticulously duplicated the look and feel of the nation’s fourth largest phone company’s online account website with hopes customers will provide personal information that can be used for identity theft or fraudulent financial activity.

Trend Micro’s TrendLabs group warned readers it noticed the well-done phishing fakes popping up on several websites, preparing to collect information from unsuspecting customers.  Most phishing attacks typically start with unsolicited e-mail purporting to be from CenturyLink, with a convenient link included for customers to click.  Only this e-mail will not direct visitors to CenturyLink, instead diverting customers to the impostor websites that look like the real thing.

Customers can protect themselves from these phishing tricks and traps by following this advice:

  1. If receiving e-mail from a company asking you to follow a link to their website, you are safer typing in the company’s website address yourself, ignoring the link.  Links that look authentic in an e-mail can be anything but when you click on them.  If you intend to share personal information or password to log in to a website, it’s better to start your journey there yourself.
  2. If the site you reach shows an unexpected address in the URL window, that is often a warning sign trouble is brewing.  CenturyLink’s account login screen should display either https://secure.centurylink.net/login.php or https://eam.centurylink.com/eam/login.do.  If it shows a series of numbers or a website address other than centurylink.com or centurylink.net, consider ending your visit and starting over at centurylink.com, typed into your browser yourself.  When in doubt, don’t enter your login information.
  3. A padlock should be visible somewhere in your browser at the CenturyLink login screen.  Most place the padlock at the bottom of the browser screen.  No padlock?  Danger.
  4. Any code errors on the page that show up should also be a point of concern along with spelling and grammatical errors.

In general, using up to date antivirus software and applying security patches regularly will offer some advance warning of a suspicious message.  But nothing beats common sense.

The authentic CenturyLink website. Notice the padlock circled on the right.

The fake version phishing for your personal information. Circled on the left is a warning of code errors on the page. On the right, notice the absence of a padlock icon.

Search This Site:

Contributions:

Recent Comments:

  • Leedar: 'Conveniently' for South Korea and other culturally insular countries international traffic doesn't matter so much, because there is a local version o...
  • Daniel H: Except the other side of the story is was that he used his employer in the phone call to extract an advantage. If he did mention he was employed by Pr...
  • feather bed: Quality articles or reviews is the important to attract the viewers to pay a visit the website, that's what this website is providing....
  • Ralph: I absolutely love this comment, “As we’ve said before, the speed tests are the result of self-selected, self-reported samples,” Page said. “People who...
  • onlinehairclinic: Some infectionhs such aas fungal infections of the scalp, an underlying diseaselike diabetes orr lupus, scarring due to wearing pigtails, coornrows o...
  • Dekay: I was one of those unlucky Millenicom customers who just had their plan ($90/month) abruptly terminated. To get the same plan through Verizon would co...
  • Damian: Thank you for this article. I am currently with Comcast and have 50 Mbps internet speeds. I pump out a monthly average of 600 GB of data usage each m...
  • AustinTX: It's almost like Comcast has a crack team to identify anyone who is getting close to exposing them... and then giving them the push they need to go co...
  • James Cieloha: I prefer that the FCC comes with the idea of the most severe stiffest punishment handed down from the FCC being called the euthanization death penalty...
  • BobInIllinois: As a licensed CPA and auditor, this is very shocking, but very believable when one works for a Big CPA firm. I worked at a small firm, so this kind o...
  • Haiyez: I just got off the phone. I have U450 & Max Plus internet. I was paying $140 a month. The promo is over and now it's about $200 a month. Bes...
  • Fred Pilot: When a service provider views its customers as adversaries, an act like this is construed as enemy action, resulting in the blow up reported here....

Your Account: