Beware of Phishing Attacks Against XDA Members

It has recently come to our attention that there is someone–using a domain very similar to–operating a phishing scheme trying to steal the usernames and passwords of XDA users. The site is using a transparent proxy to access XDA and to essentially copy XDA page-for-page, URL-for-URL. This site, other than the small difference in domain, looks and feels exactly like XDA. Please always make sure you are on (rather than, for example) before entering your password. For 99.99% of you, there’s very little likelihood that you would ever end up on the “fake” XDA, but we felt it reasonable to warn users anyway.

We block their access to XDA, but they continually switch IPs, utilizing an inexhaustible list of compromised machines. We are also trying other methods of getting the site taken down or blocked, but thus far they seem very determined. If anyone has experience stopping this type of sophisticated phishing scheme, please send svetius a PM. Also, if you have a good contact at NIC Argentica, please let us know.

Discuss This Story

You might also like