[Dshield] Very clever eBay spoofing

Aaron Lewis aaron at adldatacomm.net
Mon Dec 5 03:16:40 GMT 2005


I just got snagged by a very clever eBay spoof. The email was crafted as a
question from an eBay member. As you all know eBay nicely puts that 'Reply
To' button in those emails and asks you to log in, in order to type your
reply. So I did,, then I realized what I had done.

I have the URL and 2 Java scripts on the page if anyone is interested. I'm
not into JS so it would be great if someone could take a look at this and
tell me what information could have been had.

Thanks

ADL



More information about the list mailing list