WebApp Sec mailing list archives
PayPal Phishing Site Exploits Google XSS Vulnerability
From: Paul Laudanski <zx () castlecops com>
Date: Wed, 11 Jan 2006 00:51:44 -0500 (EST)
There is a new PayPal phishing site that is crafty and cunning in attempting to hide its true address from the surfer. Unsuspecting users might fall for this devious trickery. It is thru a Google XSS attack that the phishing site uses to begin its lure and deception of the surfer. Read full details and watch the entire captured video of this scam here: http://castlecops.com/a6460-PayPal_Phishing_Site_Exploits_Google_XSS_Vulnerability.html ( short: http://castlecops.com/article-6460-nested-0-0.html ) -- Paul Laudanski, Microsoft MVP Windows-Security [de] http://de.castlecops.com [en] http://castlecops.com [wiki] http://wiki.castlecops.com [family] http://cuddlesnkisses.com ------------------------------------------------------------------------- This List Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download AppScan 6.0 today. https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh --------------------------------------------------------------------------
Current thread:
- PayPal Phishing Site Exploits Google XSS Vulnerability Paul Laudanski (Jan 11)
- Re: PayPal Phishing Site Exploits Google XSS Vulnerability Stelian Ene (Jan 11)
- Re: PayPal Phishing Site Exploits Google XSS Vulnerability Paul Laudanski (Jan 11)
- <Possible follow-ups>
- Re: PayPal Phishing Site Exploits Google XSS Vulnerability shwaya (Jan 12)
- Re: PayPal Phishing Site Exploits Google XSS Vulnerability Stelian Ene (Jan 11)