#294048 - 20/02/2007 16:35
Nice eBay hack/phish
|
old hand
Registered: 17/01/2003
Posts: 998
|
!!!! Don't enter your eBay ID and password!!!! The following eBay auction does a redirect and places you in an eBay like logon page. I imagine it then grabs your ID and password. Looks like the hackers are ahead of eBay's security. Again... DON"T PUT IN YOUR PASSWORD. http://cgi.ebay.com/ebaymotors/Fresh-Fre...1QQcmdZViewItem
|
Top
|
|
|
|
#294049 - 20/02/2007 16:42
Re: Nice eBay hack/phish
[Re: Redrum]
|
carpal tunnel
Registered: 30/10/2000
Posts: 4931
Loc: New Jersey, USA
|
Wow.
At least Firefox warned me something was fishy.
Attachments
294679-ebay.gif (167 downloads)
_________________________
-Rob Riccardelli 80GB 16MB MK2 090000736
|
Top
|
|
|
|
#294050 - 20/02/2007 16:44
Re: Nice eBay hack/phish
[Re: Redrum]
|
carpal tunnel
Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
|
Huh. Firefox picks up on it and gives you a really obvious warning, graying out the screen and opening a huge balloon window.
_________________________
Bitt Faulk
|
Top
|
|
|
|
#294051 - 20/02/2007 16:45
Re: Nice eBay hack/phish
[Re: robricc]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: Wow.
At least Firefox warned me something was fishy.
I got taken but imeadiately changed my password
I'm way to fast on entering ID's and passwords. Seems I'm always prompted. New motto - "think before I type."
|
Top
|
|
|
|
#294052 - 20/02/2007 17:20
Re: Nice eBay hack/phish
[Re: Redrum]
|
carpal tunnel
Registered: 20/12/1999
Posts: 31600
Loc: Seattle, WA
|
IE7's phishing filter also catches it.
Still, sad to think that other people had to get taken in by it before it was reported as a phishing site.
|
Top
|
|
|
|
#294053 - 20/02/2007 17:29
Re: Nice eBay hack/phish
[Re: tfabris]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: IE7's phishing filter also catches it.
Still, sad to think that other people had to get taken in by it before it was reported as a phishing site.
I'd like to upgrade to IE7 but some of my companies apps will not work with IE7. Also it blows up charcoalgray's Empeg style sheet, so I've read.
|
Top
|
|
|
|
#294054 - 20/02/2007 17:47
Re: Nice eBay hack/phish
[Re: robricc]
|
carpal tunnel
Registered: 08/06/1999
Posts: 7868
|
Thats the first time I've seen it, pretty cool.
Good reason to move to Firefox 2 or IE7 then. I wonder what the lag time is between one of these appearing and getting reported in the browser.
|
Top
|
|
|
|
#294055 - 20/02/2007 17:56
Re: Nice eBay hack/phish
[Re: drakino]
|
carpal tunnel
Registered: 20/12/1999
Posts: 31600
Loc: Seattle, WA
|
For me it was more or less instantaneous. However, the phishing page did render fully before it popped over to the blocker page, long enough to see its content. (Y'all should warn us when clicking on a link is not worksafe!)
|
Top
|
|
|
|
#294056 - 20/02/2007 18:04
Re: Nice eBay hack/phish
[Re: Redrum]
|
carpal tunnel
Registered: 29/08/2000
Posts: 14496
Loc: Canada
|
Quote:
I'd like to upgrade to IE7 but some of my companies apps will not work with IE7. Also it blows up charcoalgray's Empeg style sheet, so I've read.
No loss there. That style sheet only worked on exactly one brand/version of browser. I've never been able to see it in action here, despite having a good half-dozen or so different browsers to choose from.
Cheers
|
Top
|
|
|
|
#294057 - 20/02/2007 18:05
Re: Nice eBay hack/phish
[Re: drakino]
|
carpal tunnel
Registered: 29/08/2000
Posts: 14496
Loc: Canada
|
Quote: Thats the first time I've seen it, pretty cool.
Good reason to move to Firefox 2 or IE7 then. I wonder what the lag time is between one of these appearing and getting reported in the browser.
Not an issue in Firefox 1.5, either.
|
Top
|
|
|
|
#294058 - 20/02/2007 18:08
Re: Nice eBay hack/phish
[Re: mlord]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote:
Quote:
I'd like to upgrade to IE7 but some of my companies apps will not work with IE7. Also it blows up charcoalgray's Empeg style sheet, so I've read.
No loss there. That style sheet only worked on exactly one brand/version of browser. I've never been able to see it in action here, despite having a good half-dozen or so different browsers to choose from.
Cheers
Works fine for me on ie 6.0.29. And I know a few older versions as well. I first had issues with it streaming but I fixed that, somehow, I forget. I really like it.
|
Top
|
|
|
|
#294059 - 20/02/2007 18:18
Re: Nice eBay hack/phish
[Re: Redrum]
|
veteran
Registered: 21/01/2002
Posts: 1380
Loc: Erie, CO
|
Quote: Works fine for me on ie 6.0.29. And I know a few older versions as well. I first had issues with it streaming but I fixed that, somehow, I forget. I really like it.
Different versions of the same browser.
Netscape, Mozilla, Safari, Opera, etc. There are many other web browsers out there, designing for only one of them is less than ideal. If your company had taken this into consideration when developing for IE only then you would have no problem using the apps with IE7 or Mozilla or any other standards-based web browser.
|
Top
|
|
|
|
#294060 - 20/02/2007 19:21
Re: Nice eBay hack/phish
[Re: Redrum]
|
old hand
Registered: 14/04/2002
Posts: 1172
Loc: Hants, UK
|
Quote: I'm way to fast on entering ID's and passwords. Seems I'm always prompted. New motto - "think before I type."
A few months ago I was taken in by a Yahoo phisher and felt a right fool. It was one of those spam URLs sent around YIM and I clicked because I had quite a few of them and wondered what they were spamming. It took me straight to a very convincing login page, and perhaps because I don't treat a Yahoo logins as being that valuable I "logged in" and then got a Geocities bandwidth announcement. A short while later Gaim told me I had been logged out of Yahoo and I thought "strange" and reconnected it. Then somebody asked me what was up with the URL I sent them and I thought "damn!" and changed my password immediately.
|
Top
|
|
|
|
#294061 - 20/02/2007 19:51
Re: Nice eBay hack/phish
[Re: g_attrill]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote:
Quote: I'm way to fast on entering ID's and passwords. Seems I'm always prompted. New motto - "think before I type."
A few months ago I was taken in by a Yahoo phisher and felt a right fool. It was one of those spam URLs sent around YIM and I clicked because I had quite a few of them and wondered what they were spamming. It took me straight to a very convincing login page, and perhaps because I don't treat a Yahoo logins as being that valuable I "logged in" and then got a Geocities bandwidth announcement. A short while later Gaim told me I had been logged out of Yahoo and I thought "strange" and reconnected it. Then somebody asked me what was up with the URL I sent them and I thought "damn!" and changed my password immediately.
Yea I felt a bit foolish for being taken. I changed my password right away so I think I'm safe.
I don't think they can do anything to me but kill my rating or put up fake auctions. And if I locked them out they can't even do that. They don't have any credit card info or Paypal password. At least I hope not.
|
Top
|
|
|
|
#294062 - 20/02/2007 19:53
Re: Nice eBay hack/phish
[Re: g_attrill]
|
pooh-bah
Registered: 06/04/2005
Posts: 2026
Loc: Seattle transplant
|
Quote:
Quote: I'm way to fast on entering ID's and passwords. Seems I'm always prompted. New motto - "think before I type."
A few months ago I was taken in by a Yahoo phisher and felt a right fool. It was one of those spam URLs sent around YIM and I clicked because I had quite a few of them and wondered what they were spamming. It took me straight to a very convincing login page, and perhaps because I don't treat a Yahoo logins as being that valuable I "logged in" and then got a Geocities bandwidth announcement. A short while later Gaim told me I had been logged out of Yahoo and I thought "strange" and reconnected it. Then somebody asked me what was up with the URL I sent them and I thought "damn!" and changed my password immediately.
Hmm- I got caught by a YIM phisher from a friend. The message was something like 'log in to download photos from xxxx' or some-such nonsense. Before I thought about it I dove in. Duh. Then I immediately thought better of it and changed my password. I haven't heard or seen any inappropriate use of my Yahoo account, so I guess I caught it soon enough.
_________________________
10101311 (20GB- backup empeg) 10101466 (2x60GB, Eutronix/GreenLights Blue) (Stolen!)
|
Top
|
|
|
|
#294063 - 20/02/2007 23:09
Re: Nice eBay hack/phish
[Re: Robotic]
|
carpal tunnel
Registered: 17/12/2000
Posts: 2665
Loc: Manteca, California
|
E-bay killed it.
_________________________
Glenn
|
Top
|
|
|
|
#294064 - 20/02/2007 23:27
Re: Nice eBay hack/phish
[Re: gbeer]
|
old hand
Registered: 17/01/2003
Posts: 998
|
Quote: E-bay killed it.
Good!
|
Top
|
|
|
|
|
|