Full Disclosure mailing list archives

Re: Fake ebay password stealer


From: Sebastian Niehaus <killedbythoughts () mindcrime net>
Date: 04 Oct 2003 21:33:31 +0200

tom () doctorunix com writes:
 
Following on the heels of the "very good looking" Microsoft security patch
worm, I am now in possession of an even more convincing "Ebay Request" to
reconfirm your credit card number, PayPal account, password, etc.   This
appears to be an excellent fake and we can expect many people to be
tricked.

To see how good it looks, check out this image.  (It doesn't look like an
image but it is actually a JPG which hides a link to the attacker's
server.)  Many people will be fooled.  The url is fake (it is just a
picture after all).  

Combine it with a QHosts-1 feature and you get your sensitive data
even from users looking for the URL displayed in the address field of
the browser.


Sebastian
-- 


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

