Unoffical empeg BBS

Quick Links: Empeg FAQ | RioCar.Org | Hijack | BigDisk Builder | jEmplode | emphatic
Repairs: Repairs

Topic Options
#294048 - 20/02/2007 16:35 Nice eBay hack/phish
Redrum
old hand

Registered: 17/01/2003
Posts: 998
!!!! Don't enter your eBay ID and password!!!!

The following eBay auction does a redirect and places you in an eBay like logon page. I imagine it then grabs your ID and password.

Looks like the hackers are ahead of eBay's security.

Again... DON"T PUT IN YOUR PASSWORD.

http://cgi.ebay.com/ebaymotors/Fresh-Fre...1QQcmdZViewItem

Top
#294049 - 20/02/2007 16:42 Re: Nice eBay hack/phish [Re: Redrum]
robricc
carpal tunnel

Registered: 30/10/2000
Posts: 4931
Loc: New Jersey, USA
Wow.

At least Firefox warned me something was fishy.


Attachments
294679-ebay.gif (166 downloads)

_________________________
-Rob Riccardelli
80GB 16MB MK2 090000736

Top
#294050 - 20/02/2007 16:44 Re: Nice eBay hack/phish [Re: Redrum]
wfaulk
carpal tunnel

Registered: 25/12/2000
Posts: 16706
Loc: Raleigh, NC US
Huh. Firefox picks up on it and gives you a really obvious warning, graying out the screen and opening a huge balloon window.
_________________________
Bitt Faulk

Top
#294051 - 20/02/2007 16:45 Re: Nice eBay hack/phish [Re: robricc]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
Quote:
Wow.

At least Firefox warned me something was fishy.


I got taken but imeadiately changed my password

I'm way to fast on entering ID's and passwords. Seems I'm always prompted. New motto - "think before I type."

Top
#294052 - 20/02/2007 17:20 Re: Nice eBay hack/phish [Re: Redrum]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
IE7's phishing filter also catches it.

Still, sad to think that other people had to get taken in by it before it was reported as a phishing site.
_________________________
Tony Fabris

Top
#294053 - 20/02/2007 17:29 Re: Nice eBay hack/phish [Re: tfabris]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
Quote:
IE7's phishing filter also catches it.

Still, sad to think that other people had to get taken in by it before it was reported as a phishing site.



I'd like to upgrade to IE7 but some of my companies apps will not work with IE7. Also it blows up charcoalgray's Empeg style sheet, so I've read.

Top
#294054 - 20/02/2007 17:47 Re: Nice eBay hack/phish [Re: robricc]
drakino
carpal tunnel

Registered: 08/06/1999
Posts: 7868
Thats the first time I've seen it, pretty cool.

Good reason to move to Firefox 2 or IE7 then. I wonder what the lag time is between one of these appearing and getting reported in the browser.

Top
#294055 - 20/02/2007 17:56 Re: Nice eBay hack/phish [Re: drakino]
tfabris
carpal tunnel

Registered: 20/12/1999
Posts: 31597
Loc: Seattle, WA
For me it was more or less instantaneous. However, the phishing page did render fully before it popped over to the blocker page, long enough to see its content. (Y'all should warn us when clicking on a link is not worksafe!)
_________________________
Tony Fabris

Top
#294056 - 20/02/2007 18:04 Re: Nice eBay hack/phish [Re: Redrum]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
Quote:

I'd like to upgrade to IE7 but some of my companies apps will not work with IE7. Also it blows up charcoalgray's Empeg style sheet, so I've read.


No loss there. That style sheet only worked on exactly one brand/version of browser. I've never been able to see it in action here, despite having a good half-dozen or so different browsers to choose from.

Cheers

Top
#294057 - 20/02/2007 18:05 Re: Nice eBay hack/phish [Re: drakino]
mlord
carpal tunnel

Registered: 29/08/2000
Posts: 14493
Loc: Canada
Quote:
Thats the first time I've seen it, pretty cool.

Good reason to move to Firefox 2 or IE7 then. I wonder what the lag time is between one of these appearing and getting reported in the browser.


Not an issue in Firefox 1.5, either.

Top
#294058 - 20/02/2007 18:08 Re: Nice eBay hack/phish [Re: mlord]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
Quote:
Quote:

I'd like to upgrade to IE7 but some of my companies apps will not work with IE7. Also it blows up charcoalgray's Empeg style sheet, so I've read.


No loss there. That style sheet only worked on exactly one brand/version of browser. I've never been able to see it in action here, despite having a good half-dozen or so different browsers to choose from.

Cheers


Works fine for me on ie 6.0.29. And I know a few older versions as well. I first had issues with it streaming but I fixed that, somehow, I forget. I really like it.

Top
#294059 - 20/02/2007 18:18 Re: Nice eBay hack/phish [Re: Redrum]
cushman
veteran

Registered: 21/01/2002
Posts: 1380
Loc: Erie, CO
Quote:
Works fine for me on ie 6.0.29. And I know a few older versions as well. I first had issues with it streaming but I fixed that, somehow, I forget. I really like it.

Different versions of the same browser.

Netscape, Mozilla, Safari, Opera, etc. There are many other web browsers out there, designing for only one of them is less than ideal. If your company had taken this into consideration when developing for IE only then you would have no problem using the apps with IE7 or Mozilla or any other standards-based web browser.
_________________________
Mark Cushman

Top
#294060 - 20/02/2007 19:21 Re: Nice eBay hack/phish [Re: Redrum]
g_attrill
old hand

Registered: 14/04/2002
Posts: 1172
Loc: Hants, UK
Quote:
I'm way to fast on entering ID's and passwords. Seems I'm always prompted. New motto - "think before I type."


A few months ago I was taken in by a Yahoo phisher and felt a right fool. It was one of those spam URLs sent around YIM and I clicked because I had quite a few of them and wondered what they were spamming. It took me straight to a very convincing login page, and perhaps because I don't treat a Yahoo logins as being that valuable I "logged in" and then got a Geocities bandwidth announcement. A short while later Gaim told me I had been logged out of Yahoo and I thought "strange" and reconnected it. Then somebody asked me what was up with the URL I sent them and I thought "damn!" and changed my password immediately.

Top
#294061 - 20/02/2007 19:51 Re: Nice eBay hack/phish [Re: g_attrill]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
Quote:
Quote:
I'm way to fast on entering ID's and passwords. Seems I'm always prompted. New motto - "think before I type."


A few months ago I was taken in by a Yahoo phisher and felt a right fool. It was one of those spam URLs sent around YIM and I clicked because I had quite a few of them and wondered what they were spamming. It took me straight to a very convincing login page, and perhaps because I don't treat a Yahoo logins as being that valuable I "logged in" and then got a Geocities bandwidth announcement. A short while later Gaim told me I had been logged out of Yahoo and I thought "strange" and reconnected it. Then somebody asked me what was up with the URL I sent them and I thought "damn!" and changed my password immediately.


Yea I felt a bit foolish for being taken. I changed my password right away so I think I'm safe.

I don't think they can do anything to me but kill my rating or put up fake auctions. And if I locked them out they can't even do that. They don't have any credit card info or Paypal password. At least I hope not.

Top
#294062 - 20/02/2007 19:53 Re: Nice eBay hack/phish [Re: g_attrill]
Robotic
pooh-bah

Registered: 06/04/2005
Posts: 2026
Loc: Seattle transplant
Quote:
Quote:
I'm way to fast on entering ID's and passwords. Seems I'm always prompted. New motto - "think before I type."


A few months ago I was taken in by a Yahoo phisher and felt a right fool. It was one of those spam URLs sent around YIM and I clicked because I had quite a few of them and wondered what they were spamming. It took me straight to a very convincing login page, and perhaps because I don't treat a Yahoo logins as being that valuable I "logged in" and then got a Geocities bandwidth announcement. A short while later Gaim told me I had been logged out of Yahoo and I thought "strange" and reconnected it. Then somebody asked me what was up with the URL I sent them and I thought "damn!" and changed my password immediately.

Hmm- I got caught by a YIM phisher from a friend. The message was something like 'log in to download photos from xxxx' or some-such nonsense. Before I thought about it I dove in. Duh. Then I immediately thought better of it and changed my password.
I haven't heard or seen any inappropriate use of my Yahoo account, so I guess I caught it soon enough.
_________________________
10101311 (20GB- backup empeg)
10101466 (2x60GB, Eutronix/GreenLights Blue) (Stolen!)

Top
#294063 - 20/02/2007 23:09 Re: Nice eBay hack/phish [Re: Robotic]
gbeer
carpal tunnel

Registered: 17/12/2000
Posts: 2665
Loc: Manteca, California
E-bay killed it.
_________________________
Glenn

Top
#294064 - 20/02/2007 23:27 Re: Nice eBay hack/phish [Re: gbeer]
Redrum
old hand

Registered: 17/01/2003
Posts: 998
Quote:
E-bay killed it.


Good!

Top