Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

webappsec logo WebApp Sec mailing list archives

PayPal Phishing Site Exploits Google XSS Vulnerability
From: Paul Laudanski <zx () castlecops com>
Date: Wed, 11 Jan 2006 00:51:44 -0500 (EST)
There is a new PayPal phishing site that is crafty and cunning in
attempting to hide its true address from the surfer. Unsuspecting users
might fall for this devious trickery. It is thru a Google XSS attack that
the phishing site uses to begin its lure and deception of the surfer. Read
full details and watch the entire captured video of this scam here:

http://castlecops.com/a6460-PayPal_Phishing_Site_Exploits_Google_XSS_Vulnerability.html

( short: http://castlecops.com/article-6460-nested-0-0.html )

-- 
Paul Laudanski, Microsoft MVP Windows-Security
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com



-------------------------------------------------------------------------
This List Sponsored by: Watchfire

Watchfire's AppScan is the industry's first and leading web application 
security testing suite, and the only solution to provide comprehensive 
remediation tasks at every level of the application. See for yourself. 
Download AppScan 6.0 today.

https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh
--------------------------------------------------------------------------

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]