Incredible New Ebay Phishing Mail

This image was lost some time after publication, but you can still view it here.
This image was lost some time after publication, but you can still view it here.

This is a bit off topic, but it's a fascinating study of what happens when Phishers get a book on Javascript.

Advertisement

First off, I don't specifically understand what's going on here. Ping me if you'd like to get the link and do some forensics. Essentially, you go to the typical locked-down Apache site with lots of fake Paypal material. It asks you to click another link and then you get some sort of strange mini-browser that causes your main browser to auto-supply your email and password. I stopped the script before it could do any harm, but clearly they are piggy-backing on a real site here.

The header of the mini-browser appears above. Click it to see the full screen. I wouldn't normally post these but this one was so unique and I haven't had my coffee yet. I got so freaked that I went and changed my Paypal password. I changed it to 1234.

UPDATE - Slashdot picked up the trail as did Bachelor Ben. Thanks, faceless horde!

DISCUSSION