Full Disclosure mailing list archives
Re: Fake ebay password stealer
From: "Benjamin M.A. Robson" <brobson () fulcrum com au>
Date: 04 Oct 2003 00:39:18 +1000
Isn't this just the same as the ebayupdates.com scam some 8-9 months ago? The form even looks identical (from what I remember of the form). See: http://www.siliconvalley.com/mld/siliconvalley/4713932.htm or http://news.bbc.co.uk/1/hi/business/2581197.stm BenR. Old news. *yawn* On Fri, 2003-10-03 at 23:15, tom () doctorunix com wrote:
Following on the heels of the "very good looking" microsoft security patch worm, i am now in posession of an even more convincing "Ebay Request" to reconfirm your credit card number, PayPal account, password, etc. This appears to be an excellent fake and we can expect many people to be tricked. To see how good it looks, Checkout this image. (It doesn't look like an image but it is actually a JPG which hides a link to the attacker's server.) Many people will be fooled. The url is fake (it is just a picture after all). Clicking on the real email takes the user to http://211.170.97.202:5801/%73%65%63%75%72%69%74%79/%69%6E%64%65%78%2E%68%74%6D (Embedded image moved to file: pic18757.gif) tc ------------------------------------------------- This mail sent through IMP: http://horde.org/imp/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Fake ebay password stealer tom (Oct 03)
- Re: Fake ebay password stealer Benjamin M.A. Robson (Oct 03)
- Re: Fake ebay password stealer Sebastian Niehaus (Oct 04)