Sneaky Phishing Attempt

This is, by far, one of the sneakiest phishing attempts that I’ve received, to date:

http://cgi4.ebay.com/ws/eBayISAPI.dll?MfcISAPICommand=RedirectToDomain&DomainUrl=http%3A%2F%2F%32%30%33%2E%32%33%34%2E%32%35%2E%31%39%30%2FUpdateCenter%2FLogin%2F%3FMfcISAPISession%3DAAJbaQqzeHAAeMWZlHhlWXS2AlBXVShqAhQRfhgTDrferHCURstpAisNRqAhQfgfhgTDrferHCURstpAisNfgpAisNRqAhQRfhgTDrferHCUQRfqzeHAfdeMWZlHhlWXh

If you’ll notice, the URL does appear to be actually at ebay.com (which it is), however they’re using a hidden command in this particular dll to redirect the user to their own, personal, phishing page. This is very sneaky, Gmail didn’t even catch it.

This attempt knocks out the particular email that I received with the entire contents represented as an image (so it looked completely legit) and a link sending the user to their phish page. These malicious hackers are just getting worse and worse. I really feel sorry for the average Internet user having to deal with this.

Posted: February 21st, 2005

Subscribe for email updates

Comments are closed.
Comments are automatically turned off two weeks after the original post. If you have a question concerning the content of this post, please feel free to contact me.

Secrets of the JavaScript Ninja

Secrets of the JS Ninja

Secret techniques of top JavaScript programmers. Published by Manning.

Subscribe for email updates

John Resig Twitter Updates

@jeresig / Mastodon

Infrequent, short, updates and links.