PayPal phishing website

Date: January 14, 2006
Source: dlmag.com


In our computerized society, everyday there are threats lurking, hidden, just waiting to catch innocent surfers,in a trap that will cost them dearly, talk here of course about scamming. In recent events a PayPal phishing site has been discovered, which hides its true address from the user. “Two XSS vulnerabilities were identified in the Google.com website, which allow an attacker to impersonate legitimate members of Google's services or to mount a phishing attack. Although Google uses common XSS countermeasures, a successful attack is possible, when using UTF-7 encoded payloads."

Even though Google has been notified via email, there has not yet been any official word on a solution to this problem. Although the Google XSS exploit add fuel to the fire, this is still a very dangerous phishing scam. The link below shows a 1024x768 flash film that shows the whole email delivery, thru the Google exploit, and then the execution of the scam.

The video is about 18 megabytes, so depending on the internet connection; it may take up to a few minutes. Digital Lifestyle Magazine asks any reader to proceed with caution, and notify other members of our technological community of this threat.
Original article

---

Add comment  Email to a Friend