anonymous wrote:

---

Whats this, at the bottom of the page with a mere 3 views?

HRRRRMMMPPPPHHH!!!!!

---

 

Good question! Bet it gets more views now because I have arrived. LOL!

Here is the full article for those "gawkers" who are afraid to click on legit links:


By Joris Evers
Staff Writer, CNET News.com
Published: January 10, 2007, 11:47 AM PST
TalkBack E-mail Print del.icio.us Digg this
Security experts at RSA have come across a new tool that automatically creates sophisticated phishing sites, a sign that cybercrooks are getting increasingly professional.

The tool, which RSA calls the "Universal Man-in-the-Middle Phishing Kit," is available on underground online marketplaces for about $1,000, Jens Hinrichsen, RSA's product marketing manager for fraud auction, said in an interview Wednesday.

"Unlike other phishing kits which have been in existence for quite some time, this kit is unique because with a very simple user interface you can choose whatever site you'd like to spoof," Hinrichsen said. "The arms race continues; we on the security side have to continue to escalate resources and invest in technology."

Phishing scams are a prevalent online threat that typically use fraudulent Web pages and spammed e-mail messages to trick people into giving up personal information such as user credentials or credit card data.

Using the new kit, a fraudster only has to enter variables such as which site should be spoofed and where the fraudulent page will be hosted. The tool then produces a dynamic Web page in the PHP (hypertext preprocessor) scripting language. The fraudster hosts this page somewhere on the Web, typically on a compromised Web server or a free Web host, and lures people to it with spammed e-mail messages or other links.

Unlike traditional phishing Web sites that have static Web pages designed to look like a real online bank or other trusted site, the dynamic page created by the phishing kit actually pulls in the current Web site of the target organization and displays it. However, any data entered is captured by the miscreants, Hinrichsen said.

"Once you enter your credentials, it would be intercepted by that server where the PHP file is hosted," he said. At the same time, the victim is actually logged in to the legitimate site and may never know he's been phished.

Now on News.com:
Designing adult games for female players
Heavy traffic at Geneva show
In search of scientific inspiration at TED
Extra: Moore's Law not dead yet
Video: Spectroscopy on the go with new, portable tech
Shrewd phishers monitor the log-in process to validate that the data they capture is legitimate, Hinrichsen said. An incorrect username and password combination would be discarded. Also, the man-in-the-middle-style attack lets the miscreants continue to eavesdrop on the victim's interactions with the legitimate Web site, according to RSA.

The most popular phishing targets are banks and online payment services such as PayPal. Auctioneer eBay is also a common target. Fraudsters run phishing scams to collect personal information that can be used for identity fraud.

Phishing protection is becoming common. The latest versions of Firefox and Internet Explorer include phishing shields. Also, security firms such as Symantec and McAfee sell antiphishing software.

Protection technologies typically rely on a list of known bad Web sites and display a warning when a user surfs to one of those. This means, however, that a brand-new fraudulent site won't be detected. In general, people should be cautious when following links to any site that requires a log in. It is better to type in the address or use a bookmark.

http://forums.ebay.com/db2/thread.jspa?threadID=2000329365&tstart=0&mod=1173575465248


eBay's new trojan: Bayrob.

dimesy1 (0 ) View Listings | Report Mar-05-07 18:46 PST
It’s always something, isn't it?

Here’s the latest security warning from symantec, about an ASQ/fake page redirect trojan - sounds like a mutant.

EBay Motors Scam
We have recently received a new threat that targets users of the eBay auction site and, more specifically, motor auctions. The threat, named Trojan.Bayrob, is quite advanced and tries to implement a man in the middle style attack.

While we have previously seen Infostealers that try to steal your username and password, a threat attempting a man in the middle attack on eBay is very unusual.

Man in the middle attacks are very powerful, but are also difficult to code correctly. Trojan.Bayrob takes the approach of implementing a local proxy server and directing traffic bound for eBay through this local proxy server. The proxy server listens on localhost port 80.

The warning is quite long, detailed, and illustrated.

Check it out....


Date posted Reply #
orange_cape_hides_me (Private ) View Listings | Report Mar-05-07 18:48 PST 1 of 65
Thanks, Dimesy.

I think that more people are beginning to realize that Ebay is just not safe. Too much to navigate and protect against, and the risk is not worth the gain.

Caped~

orange_cape_hides_me (Private ) View Listings | Report Mar-05-07 18:51 PST 2 of 65
That is unbelievably scary since it appears that the trojan can update itself and the servers it is using and there is no predicative way to determine what page on the eBay site would infect a user.



Caped~

ruthl416 (115 ) View Listings | Report Mar-05-07 18:58 PST 3 of 65
caped and dimsey,

Read that, creeps me out.



XXXBetter Safe than sorry, change your password today~

fairtrade (305 ) View Listings | Report Mar-06-07 06:55 PST 4 of 65
I think that more people are beginning to realize that Ebay is just not safe. Too much to navigate and protect against, and the risk is not worth the gain

That speaks volumes by itself!! Great post!

WHACK-A-HACK
It made a difference to that one didn't it?!?! forums.ebay.comforums at ebay.com....