[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-Disclosure] Fake ebay password stealer
- To: full-disclosure@lists.netsys.com
- Subject: Re: [Full-Disclosure] Fake ebay password stealer
- From: "Benjamin M.A. Robson" <brobson@fulcrum.com.au>
- Date: 04 Oct 2003 00:39:18 +1000
Isn't this just the same as the ebayupdates.com scam some 8-9 months
ago? The form even looks identical (from what I remember of the form).
See:
http://www.siliconvalley.com/mld/siliconvalley/4713932.htm
or
http://news.bbc.co.uk/1/hi/business/2581197.stm
BenR.
Old news. *yawn*
On Fri, 2003-10-03 at 23:15, tom@doctorunix.com wrote:
>
>
> Following on the heels of the "very good looking" microsoft security patch
> worm, i am now in posession of an even more convincing "Ebay Request" to
> reconfirm your credit card number, PayPal account, password, etc. This
> appears to be an excellent fake and we can expect many people to be
> tricked.
>
> To see how good it looks, Checkout this image. (It doesn't look like an
> image but it is actually a JPG which hides a link to the attacker's
> server.) Many people will be fooled. The url is fake (it is just a
> picture after all). Clicking on the real email takes the user to
> http://211.170.97.202:5801/%73%65%63%75%72%69%74%79/%69%6E%64%65%78%2E%68%74%6D
>
>
>
>
>
> (Embedded image moved to file: pic18757.gif)
>
>
> tc
>
>
>
>
>
> -------------------------------------------------
> This mail sent through IMP: http://horde.org/imp/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html