Full Disclosure mailing list archives
Fake ebay password stealer
From: tom () doctorunix com
Date: Fri, 3 Oct 2003 08:15:27 -0500
Following on the heels of the "very good looking" microsoft security patch worm, i am now in posession of an even more convincing "Ebay Request" to reconfirm your credit card number, PayPal account, password, etc. This appears to be an excellent fake and we can expect many people to be tricked. To see how good it looks, Checkout this image. (It doesn't look like an image but it is actually a JPG which hides a link to the attacker's server.) Many people will be fooled. The url is fake (it is just a picture after all). Clicking on the real email takes the user to http://211.170.97.202:5801/%73%65%63%75%72%69%74%79/%69%6E%64%65%78%2E%68%74%6D (Embedded image moved to file: pic18757.gif) tc ------------------------------------------------- This mail sent through IMP: http://horde.org/imp/
Current thread:
- Fake ebay password stealer tom (Oct 03)
- Re: Fake ebay password stealer Benjamin M.A. Robson (Oct 03)
- Re: Fake ebay password stealer Sebastian Niehaus (Oct 04)