Language Selection

English French German Italian Portuguese Spanish

Phishers hack eBay

Filed under
Security

A flaw has been discovered on eBay’s website that would have allowed fraudsters to successfully redirect the sign-on process to a phishing site.

Reported by British anti-phishing outfit Netcraft, the clever scam apparently started with fraudsters sending e-mails asking eBay users to update their accounts. So far so normal, as such fake eBay e-mails are currently one of the phishing world’s persistent lines of attack.

Disarmingly, however, the link provided was genuine and led to the correct eBay sign-in page, signin.ebay.com. If users clicked on this, parameters embedded in the otherwise normal stream of characters at the end of the link actually redirected users away from the page after the sign-in page to a fake phishing page, via an open relay hosted at servlet.ebay.com.

The end result would have been that users gave away information allowing phishers to hijack their accounts, either as a way of laundering money or for launching fake auctions.

Full Article.

More in Tux Machines

Relax, it's just Ubuntu 15.04. AARGH! IT'S FULL OF SYSTEMD!!!

Most users will notice very little overall difference in this latest Ubuntu release, but it’s this change that packs the biggest punch. There are a couple of new things that make 15.04 worth the upgrade from previous versions, but the really big changes – like the move to Unity 8 and the whole "convergence" of the desktop and mobile versions – remain in the future. Read more More: