Home » CenturyLink » Currently Reading:

Gone Phishing: Hackers Target CenturyLink With Authentic Looking Customer Portal Website – Customers Beware

Phillip Dampier February 11, 2010 CenturyLink No Comments

CenturyLink customers should exercise caution in responding to e-mail links to CenturyLink’s online account portal.  Hackers have meticulously duplicated the look and feel of the nation’s fourth largest phone company’s online account website with hopes customers will provide personal information that can be used for identity theft or fraudulent financial activity.

Trend Micro’s TrendLabs group warned readers it noticed the well-done phishing fakes popping up on several websites, preparing to collect information from unsuspecting customers.  Most phishing attacks typically start with unsolicited e-mail purporting to be from CenturyLink, with a convenient link included for customers to click.  Only this e-mail will not direct visitors to CenturyLink, instead diverting customers to the impostor websites that look like the real thing.

Customers can protect themselves from these phishing tricks and traps by following this advice:

  1. If receiving e-mail from a company asking you to follow a link to their website, you are safer typing in the company’s website address yourself, ignoring the link.  Links that look authentic in an e-mail can be anything but when you click on them.  If you intend to share personal information or password to log in to a website, it’s better to start your journey there yourself.
  2. If the site you reach shows an unexpected address in the URL window, that is often a warning sign trouble is brewing.  CenturyLink’s account login screen should display either https://secure.centurylink.net/login.php or https://eam.centurylink.com/eam/login.do.  If it shows a series of numbers or a website address other than centurylink.com or centurylink.net, consider ending your visit and starting over at centurylink.com, typed into your browser yourself.  When in doubt, don’t enter your login information.
  3. A padlock should be visible somewhere in your browser at the CenturyLink login screen.  Most place the padlock at the bottom of the browser screen.  No padlock?  Danger.
  4. Any code errors on the page that show up should also be a point of concern along with spelling and grammatical errors.

In general, using up to date antivirus software and applying security patches regularly will offer some advance warning of a suspicious message.  But nothing beats common sense.

The authentic CenturyLink website. Notice the padlock circled on the right.

The fake version phishing for your personal information. Circled on the left is a warning of code errors on the page. On the right, notice the absence of a padlock icon.

Search This Site:

Contributions:

Recent Comments:

  • lightning: I believe this is necessary because the demand of computing continues to grow every single nano-second. In areas where my 100% immediate family member...
  • LG: customers with a basic Starter package of more than 40 channels at $24.99 a month.... -10 Home shopping channels (HSN) -6 Ad-channels with constan...
  • Lee: There are states that allow you to contract for electric and natural gas with companies other than the ones that own the gas pipelines and the electri...
  • Guest9987: Why not 65.536Mbps? That would make it 8192KB/s which is what the standard should be; any more or less is questionable so far. It's not like 8.192MB/s...
  • Chad: EV, I completely agree. Recording your phone calls is a great way to keep these companies in check. There's a great blog post about how this, and a ha...
  • modal: I pay a visit each day some websites and websites to read content, however this blog offers quality based writing....
  • FredH: If your area is upgraded to be getting 300Mbps down and you aren't, there could be any number of factors preventing it that are your responsibility, n...
  • Ev: Why bother rearranging deck chairs on the titanic? Drop your cable TV service, put up an antenna for a bunch of channels, buy a DVR, and if you still...
  • Ev: People need to start recording ail their phone calls with company reps. They're recording it already, for their benefit. One little app on your phone...
  • beth: Called TWC today. They're the only cable provider in my area. I pay for internet and phone unfortunately still hooked to Direct for the football seaso...
  • Austin: "Responsible usage".... "limited resource"???? Give me a break! It's not like internet is mined out of a pocket in the ground. How can these idiots ke...
  • SendDavid: If you're in NY, you can also submit a claim for a refund with David, Inc. and they'll do all the work for you--50% of claims get refunded: http://bit...

Your Account: