| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <002301c51192$7258d950$9865fea9@island55> Date: Sun, 13 Feb 2005 01:08:32 -0500 From: "Steven" <steven@...ebug.org> To: <incidents@...urityfocus.com>, <bugtraq@...urityfocus.com> Subject: eBay Account Phishing with eBay Redirect I am not sure if this is better served by incidents or bugtraq, but in any event here it is. I frequently get the fake looking e-mails phishing for my Paypal, eBay, and banking login/password information. Generally the links to the spoofed webpages are just links to a fake page with a modified A HREF tag. However, it appears someone has found that eBay's actual page has a command to redirect to a specified webpage. While this shouldn't be a big risk, it still poses a small one and is being actively exploitated. The page actually appears to link to eBay and it does, the link below is the one I received in my inbox recently. http://cgi4.ebay.com/ws/eBayISAPI.dll?MfcISAPICommand=RedirectToDomain&DomainUrl=http%3A%2F%2F%32%31%31%2E%31%37%32%2E%39%36%2E%37%2FUpdateCenter%2FLogin%2F%3FMfcISAPISession%3DAAJbaQqzeHAAeMWZlHhlWXS2AlBXVShqAhQRfhgTDrferHCURstpAisNRqAhQRfhgTDrferHCURstpAisNRpAisNRqAhQRfhgTDrferHCUQRfqzeHAAeMWZlHhlWXh Simply: http://cgi4.ebay.com/ws/eBayISAPI.dll?MfcISAPICommand=RedirectToDomain&DomainUrl=www.website.com Steven steven@...ebug.org
Powered by blists - more mailing lists