Language Selection

English French German Italian Portuguese Spanish

Phishers hack eBay

Filed under
Security

A flaw has been discovered on eBay’s website that would have allowed fraudsters to successfully redirect the sign-on process to a phishing site.

Reported by British anti-phishing outfit Netcraft, the clever scam apparently started with fraudsters sending e-mails asking eBay users to update their accounts. So far so normal, as such fake eBay e-mails are currently one of the phishing world’s persistent lines of attack.

Disarmingly, however, the link provided was genuine and led to the correct eBay sign-in page, signin.ebay.com. If users clicked on this, parameters embedded in the otherwise normal stream of characters at the end of the link actually redirected users away from the page after the sign-in page to a fake phishing page, via an open relay hosted at servlet.ebay.com.

The end result would have been that users gave away information allowing phishers to hijack their accounts, either as a way of laundering money or for launching fake auctions.

Full Article.

More in Tux Machines

Today in Techrights

Web Server Setup Series - Fix CWP Errors & Warnings To Improve Server Security

​Welcome to the second part of the web server setup series. In this part, I'll show you how to fix CWP (CentOS web panel) errors and warnings, create new user accounts, create hosting packages, and create FTP account. So let's start. Read
more

How To Make Good Use Of 'grep' Command

​Linux and UNIX systems come with a shell command known as ‘grep’. This simply looks for a specified text, or pattern, in a file or an entire directory. The most common usage is for quickly searching a file for occurrences of a pattern, which can be in plain text, or in the form of a regular expression. Here, the patterns used will be simple text rather than regular expressions. Read
more

Android Leftovers