Incredible New Ebay Phishing Mail

This image was lost some time after publication, but you can still view it here.

This is a bit off topic, but it's a fascinating study of what happens when Phishers get a book on Javascript.

First off, I don't specifically understand what's going on here. Ping me if you'd like to get the link and do some forensics. Essentially, you go to the typical locked-down Apache site with lots of fake Paypal material. It asks you to click another link and then you get some sort of strange mini-browser that causes your main browser to auto-supply your email and password. I stopped the script before it could do any harm, but clearly they are piggy-backing on a real site here.


The header of the mini-browser appears above. Click it to see the full screen. I wouldn't normally post these but this one was so unique and I haven't had my coffee yet. I got so freaked that I went and changed my Paypal password. I changed it to 1234.

UPDATE - Slashdot picked up the trail as did Bachelor Ben. Thanks, faceless horde!

Share This Story