Rapidshare Phishing, for those of you that don't know, is a fake Rapidshare web site. It is made to steal your account information and to steal your credit card (or any payment method) if you decide to sign up for a premium account.
The login page at rapidshare.com uses SSL-protection with the following Encryption Protocol: TLS v1.0 256 bit AES (1024 bit RSA/SHA).
A phishing site in 95% of the cases, doesn't use encryption, for "plain text" password procurement.
There are 2 easy things that make the original login page of rapidshare //https://ssl.rapidshare.com/cgi-bin/premiumzone.cgi
genuine:
* The URL contains "https://", not "http://" Most information is transmitted in clear text so that anyone can read it. HTTPS defines a method for encrypting messages so only the recipient can read it. HTTPS stands for Hyper Text Transfer Protocol Secure (or with SSL - Secure Socket Layer) and represents a TCP/IP protocol that is used by World Wide Web servers and Web browsers to transfer and display hypermedia documents securely across the Internet.
* The digital certificate.
1. For Firefox users, the whole address bar turns yellow and a small lock appears in the right of it, and in the right bottom of the window.
2. For Opera users, in the address bar appears a yellow space wich contains a small lock and then the name of the certificate: "RapidShare AG (CH)"
3. For Internet Explorer users, in the right bottom of the there's a small yellow lock which shows us that a certificate is present.
4. For any other browsers, search for a small lock either in the address bar, either at the bottom of the window.
Of course, advanced hackers can create fake certificates to trick users, but almost every browser is able to detect fake or suspicious certificates. (Issuer name missing, for example). Scammers can also configure their web server so that deceptive SSL certificates won't trigger an alert in the user's browser. "One of the SSL encoding methods is "plain text". Most SSL servers have this disabled by default, but most browsers support it. When plain text is used, no central certificate authority is consulted and the user never sees a message asking if a certificate should be accepted (because 'plain text' doesn't use certificates). Keeping that in mind, the little lock icon may not even indicate an encrypted channel. The little lock only indicates an SSL connection." A technique called visual spoofing offers another method to present a "lock" to visitors on a Scam phishing site. The technique alters the user interface of the web browser, substituting images for parts of the browser interface that would normally help users detect the fraud. Javascript links launch a new browser window without scrollbars, menubars, toolbars and the status bar - which allows the scam artists to substitute a fake status bar containing the URL for a legitimate site, along with an image of a "lock" indicating a secure SSL site.
But then again, some have created a way to make the certificate popup box look genuine, so the best method would be to check the ssl (https://). This is not limited to just Rapidshare. Any of the upload sites can be made into Phishers. If you suspect you have entered your info on one of these sites... change your password immediatly. Only you are responsible for your actions if you fall for it. Just like anywhere else on the net, you HAVE to be carefull. Always a scammer looking for prey.