Home » CenturyLink » Currently Reading:

Gone Phishing: Hackers Target CenturyLink With Authentic Looking Customer Portal Website – Customers Beware

Phillip Dampier February 11, 2010 CenturyLink No Comments

CenturyLink customers should exercise caution in responding to e-mail links to CenturyLink’s online account portal.  Hackers have meticulously duplicated the look and feel of the nation’s fourth largest phone company’s online account website with hopes customers will provide personal information that can be used for identity theft or fraudulent financial activity.

Trend Micro’s TrendLabs group warned readers it noticed the well-done phishing fakes popping up on several websites, preparing to collect information from unsuspecting customers.  Most phishing attacks typically start with unsolicited e-mail purporting to be from CenturyLink, with a convenient link included for customers to click.  Only this e-mail will not direct visitors to CenturyLink, instead diverting customers to the impostor websites that look like the real thing.

Customers can protect themselves from these phishing tricks and traps by following this advice:

  1. If receiving e-mail from a company asking you to follow a link to their website, you are safer typing in the company’s website address yourself, ignoring the link.  Links that look authentic in an e-mail can be anything but when you click on them.  If you intend to share personal information or password to log in to a website, it’s better to start your journey there yourself.
  2. If the site you reach shows an unexpected address in the URL window, that is often a warning sign trouble is brewing.  CenturyLink’s account login screen should display either https://secure.centurylink.net/login.php or https://eam.centurylink.com/eam/login.do.  If it shows a series of numbers or a website address other than centurylink.com or centurylink.net, consider ending your visit and starting over at centurylink.com, typed into your browser yourself.  When in doubt, don’t enter your login information.
  3. A padlock should be visible somewhere in your browser at the CenturyLink login screen.  Most place the padlock at the bottom of the browser screen.  No padlock?  Danger.
  4. Any code errors on the page that show up should also be a point of concern along with spelling and grammatical errors.

In general, using up to date antivirus software and applying security patches regularly will offer some advance warning of a suspicious message.  But nothing beats common sense.

The authentic CenturyLink website. Notice the padlock circled on the right.

The fake version phishing for your personal information. Circled on the left is a warning of code errors on the page. On the right, notice the absence of a padlock icon.

Share






Search This Site:

Contributions:

Recent Comments:

  • http://shann7272.buzznet.com/user/journal/19146720/aid-relieve-brain-terms-personalized: Having read this I believed itt was rather enlightening. I appreciate you taking the time andd energy tto put this informaation together. I once aga...
  • Home.Adgkw.com: If the glove gets messy, you can wash the glove in cold water with a mild laundry detergent. Nevertheless, using these eco friendly ovens are still a...
  • paintball: Strona świadczy o nietypowych zagadnieniach, zapraszam do dyskusji My weblog: ...
  • Hamza: lol I have a 250gb plan and I'm at 500gb now. I joined Cox's Tech Chat and the guy told me I had 3 warnings on my account this billing cycle...and co...
  • Limboaz: Comcast up to dirty tricks to stop competition: http://www.fiercecable.com/story/centurylink-accuses-comcast-using-lobbying-heft-block-it-competitive...
  • Phillip Dampier: Register all third party call handlers and develop a protocol that includes a limit on how many times a call can be passed to another party, a provisi...
  • humbug: And anon, no I can't really afford it, but surprisingly, at least to you, I don't want to move just for decent communications access. The federal gov...
  • more humbug: GCI has a usage page where we're supposed to be able to monitor the usage. I usually quit any significant downloading about halfway through the billi...
  • JayS: Poor call completion seems to exist in all states, not just those that have recently deregulated;re-regulating, following the old rules, does not appe...
  • Michael Elling (@Infostack): Phil, Superlative work. I sincerely hope it has the much needed and necessary impact inside and outside the Beltway. Michael...
  • Chris Conder: Copper. A race to the bottom. Where are the men and women of fibre? Moral and optic. Its time to get real and build the infrastructure of the future....
  • Ryan Brodnax: This pisses me off in ways that you can't even imagine. First of all the company website says there is no limitations on usage at this time. I watch a...

Your Account: