WebApp Sec mailing list archives
Re: PayPal Phishing Site Exploits Google XSS Vulnerability
From: Paul Laudanski <zx () castlecops com>
Date: Wed, 11 Jan 2006 15:58:01 -0500 (EST)
On Wed, 11 Jan 2006, Stelian Ene wrote:
Paul Laudanski wrote:There is a new PayPal phishing site that is crafty and cunning in attempting to hide its true address from the surfer. Unsuspecting users might fall for this devious trickery. It is thru a Google XSS attack thatThat XSS attack was solved some time ago. This is simply using the well known google.com/url?q=http://YOURURLHERE trick. I wouldn't call this a security vulnerability, and google is certainly not the only one affected. It's rather a social engineering scam: the users clicks on a google link and does not expect to end up someplace else...
Hi Stelian, thanks for the reply. The article addresses the Google XSS vulnerability by way of Securiteam. The article is not focusing on the Google XSS itself per se, but rather that new phishing scams are exploiting this to snare unsuspecting PayPal users. Unfortunately, these attacks are going further than that by concealing the true address location in the browser. The article and video reveal all of this in the hopes that no one will fall prey. Not to mention there are at least two real world scams using all of these techniques and glitches. Yes there are other sites vulnerable to this kind of XSS, but none of them carry the same brand name. The newest domain I'm seeing involved in this trickery on top of the first one from last night is: 210.110.166.167 These phishing scams need to be shut down, whether they use XSS or not. -- Paul Laudanski, Microsoft MVP Windows-Security [de] http://de.castlecops.com [en] http://castlecops.com [wiki] http://wiki.castlecops.com [family] http://cuddlesnkisses.com ------------------------------------------------------------------------- This List Sponsored by: Watchfire Watchfire's AppScan is the industry's first and leading web application security testing suite, and the only solution to provide comprehensive remediation tasks at every level of the application. See for yourself. Download AppScan 6.0 today. https://www.watchfire.com/securearea/appscansix.aspx?id=701300000003Ssh --------------------------------------------------------------------------
Current thread:
- PayPal Phishing Site Exploits Google XSS Vulnerability Paul Laudanski (Jan 11)
- Re: PayPal Phishing Site Exploits Google XSS Vulnerability Stelian Ene (Jan 11)
- Re: PayPal Phishing Site Exploits Google XSS Vulnerability Paul Laudanski (Jan 11)
- <Possible follow-ups>
- Re: PayPal Phishing Site Exploits Google XSS Vulnerability shwaya (Jan 12)
- Re: PayPal Phishing Site Exploits Google XSS Vulnerability Stelian Ene (Jan 11)