Seth Arnold wrote: >On Fri, Sep 13, 2002 at 10:30:53AM -0700, Robert Johnston wrote: > > >>I suspect some credit card information has been compromised as well. >> >> >I suspect someone simply forged the email to appear as if it came from >uBid. That takes absolutely no effort. > I had a similar experience 2 days ago, when I got e-mail that claimed to be from Paypal. It said that Paypal had experienced a system failure, and I should log in and update my personal information. It had a helpful piece of advice that I should never give my password to anyone but Paypal. And it provided a helpful link for me to log in. The catch: the TEXT for the link said it pointed to "paypal.com" but the underlying link actually pointed to "paypalsys.com", a Trojan web site set up to collect user-ID/password info from unsuspecting Paypal users. As Seth points out, absolutely no compromise of Paypal servers is necessary to deploy this scam. All that is required is for a user to click on a link in an e-mail without thinking about it very much. Crispin -- Crispin Cowan, Ph.D. Chief Scientist, WireX http://wirex.com/~crispin/ Security Hardened Linux Distribution: http://immunix.org Available for purchase: http://wirex.com/Products/Immunix/purchase.html
This archive was generated by hypermail 2b30 : Fri Sep 13 2002 - 14:29:25 PDT