Does such phishing exist?

Calypze

Is it possible that there are phishing sites in which one sign in, and then one is taken to the real site, signed in, i.e sort of re-directed?

For example, let's say there is a phishing site for Hotmail or Paypal or any other site. It would then record one's username and password that were entered, keep them (so that it has access to the user's account), and then use them to immediately sign in the user to the real site, so that the user wouldn't know that he/she was phished.

Does such phishing sites exist? I feel GMail is sometimes acting a little weird, so I somewhat worry about this or something similar, that something isn't right.

I'm woefully ignorant about the phishing threat.

kryyst

It's possible that such a site exists, though your computer would have to be infected so that either your hosts file has been modified or your DNS settings are being affected. I personally haven't heard of any scams that are doing this, but that doesn't mean they don't exist. Have you done a virus scan, spyware scan etc...

Odds are you are probably not in danger and it's probably just your own paranoia. However what do you mean by your gmail is acting weird?

Calypze

kryyst wrote:

Have you done a virus scan, spyware scan etc...

Yes, I scan with various programs from time to time, and they rarely find malware. In the cases they do, and I can't sort it out on my own, I turn to forums like this one for help.

kryyst wrote:

Odds are you are probably not in danger and it's probably just your own paranoia. However what do you mean by your gmail is acting weird?

Well, it acts kinda irregular sometimes. Some examples: On one occasion, the yellow bar stating that the message has been sent did not come up above the inbox as it usually does. And on another occasion, the "loading" which appears after signing in, appeared two times (instead of the usual one).

the_technocrat

Calypze wrote:

Is it possible that there are phishing sites in which one sign in, and then one is taken to the real site, signed in, i.e sort of re-directed?

For example, let's say there is a phishing site for Hotmail or Paypal or any other site. It would then record one's username and password that were entered, keep them (so that it has access to the user's account), and then use them to immediately sign in the user to the real site, so that the user wouldn't know that he/she was phished.

Does such phishing sites exist? I feel GMail is sometimes acting a little weird, so I somewhat worry about this or something similar, that something isn't right.

I'm woefully ignorant about the phishing threat.

it's possible, just make sure you're at the site you think you're going to BEFORE entering your credentials, cause if you look after, a phishing scam like this would be undetected.

the_technocrat

also note that since you specifically mentioned gmail:

1. Gmail maintains a secure connection during the login process, but sends you to an unsecured connection after you log in.
2. You can get around this by going to https://www.gmail.com instead of http://www.gmail.com (note the 's'). Since you initally contacted Gmail via https, it will keep you secured for your entire session, not just the logon.

GHoosdum

I've experienced Gmail having similar symptoms on occasion. Are you on a wireless connection? It seems most frequent when there's an interruption in the connection to the server.

kryyst

Calypze wrote:

Well, it acts kinda irregular sometimes. Some examples: On one occasion, the yellow bar stating that the message has been sent did not come up above the inbox as it usually does. And on another occasion, the "loading" which appears after signing in, appeared two times (instead of the usual one).

That sounds like a lag issue in the page refreshing. At least it could present as such. My gut tells me your fine. But post up a highjack log in the SVT board and we can take a better look.