Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



WebApp Sec: PayPal Phishing Site Exploits Google XSS Vulnerability

PayPal Phishing Site Exploits Google XSS Vulnerability

From: Paul Laudanski <zx_at_castlecops.com>
Date: Wed, 11 Jan 2006 00:51:44 -0500 (EST)

There is a new PayPal phishing site that is crafty and cunning in
attempting to hide its true address from the surfer. Unsuspecting users
might fall for this devious trickery. It is thru a Google XSS attack that
the phishing site uses to begin its lure and deception of the surfer. Read
full details and watch the entire captured video of this scam here:

http://castlecops.com/a6460-PayPal_Phishing_Site_Exploits_Google_XSS_Vulnerability.html

( short: http://castlecops.com/article-6460-nested-0-0.html ) 

-- 
Paul Laudanski, Microsoft MVP Windows-Security
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com
-------------------------------------------------------------------------
This List Sponsored by: Watchfire
Watchfire's AppScan is the industry's first and leading web application 
security testing suite, and the only solution to provide comprehensive 
remediation tasks at every level of the application. See for yourself. 
Download AppScan 6.0 today.
https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
--------------------------------------------------------------------------
Received on Jan 11 2006
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]