20.03.2005 22:33

Got spam

Got spam today. Nothing special, but this one is interesting.

It looks like a message from eBay (my copy seems to be sent from Sweden — because of the message header). The title is "eBay Account Suspended". Everything looks correctly, it points to eBay site...well, seems to point. The HTML code probably says everything:

<b>To confirm your identity with us click here: </b><br> <a href=""> https://www.ebay.com/account/fraudverification/verification.asp?system=0x12

So it shows proper address, but really points to a different one. I'm not hidding the IP. There's a form on that site, looks like an eBay one, designed to get users' passwords.

Nice try, should work for many people. Only browser URL spoofing is missing.

Posted by Mara | Categories: Security