[42180] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

PayPal Phishing Site Exploits Google XSS Vulnerability

daemon@ATHENA.MIT.EDU (Paul Laudanski)
Sat Jan 14 09:04:55 2006

Date: Wed, 11 Jan 2006 00:51:44 -0500 (EST)
From: Paul Laudanski <zx@castlecops.com>
To: bugtraq@securityfocus.com, <vuln@secunia.com>,
        <webappsec@securityfocus.com>
Cc: reportphishing@antiphishing.org
Message-ID: <Pine.LNX.4.44.0601110049120.29159-100000@bugsbunny.castlecops.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

There is a new PayPal phishing site that is crafty and cunning in
attempting to hide its true address from the surfer. Unsuspecting users
might fall for this devious trickery. It is thru a Google XSS attack that
the phishing site uses to begin its lure and deception of the surfer. Read
full details and watch the entire captured video of this scam here:

http://castlecops.com/a6460-PayPal_Phishing_Site_Exploits_Google_XSS_Vulnerability.html

( short: http://castlecops.com/article-6460-nested-0-0.html )

-- 
Paul Laudanski, Microsoft MVP Windows-Security
[de] http://de.castlecops.com
[en] http://castlecops.com
[wiki] http://wiki.castlecops.com
[family] http://cuddlesnkisses.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[42180] in bugtraq

PayPal Phishing Site Exploits Google XSS Vulnerability

daemon@ATHENA.MIT.EDU (Paul Laudanski)Sat Jan 14 09:04:55 2006

daemon@ATHENA.MIT.EDU (Paul Laudanski)
Sat Jan 14 09:04:55 2006