[Dshield] New Paypal scam

Blanchard, Joe BLANCHAJ at bsci.com
Mon Sep 22 17:03:03 GMT 2003

<...isn't the host part delimited by the forward slash, though?

That said, I wouldn't be at all surprised if the IE URL parser actually
*is* that broken.>

Nope. ftp://www.paypal.com@ftp.redhat.com Denotes User at domain_name but in
lieu of ftp http: simply suggests login at domain_name. This is an old tactic
I seem to remember seeing it in 4.0 days of IE too.


More information about the list mailing list