<VV> EBay warning - No Corvair

Mark J. Murphy m.j.murphy at comcast.net
Fri Apr 29 07:42:43 EDT 2005


Some (the good ones) look legit because in most cases, the vast majority of
it *is* legitimately the site they claim it came from.  It's called "cross
site scripting" and it involves a widespread, multi-platform security hole
of sorts in dynamic web servers (sites that allow user input to change
what's displayed to them, like logins) based in laziness and convention.
Basically it's common to check and encode publicly viewable information
submitted to a site against hacked code, but *not* to do so for information
submitted by you that only you will see -- after all, who would try to
attack themselves?  Problem is, when you click this email link *you* are
essentially attacking yourself, albeit with some help from the script kiddie
that sent it to you.  In many cases the only non-legit part of the whole
affair is that link.  The hacked code then sends them copies of things the
web server thinks only you are seeing.  Quite ingenious actually, from a
coding POV.   Anyway, as Paul Harvey would say, now you know the rest of the
story.  :)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
      ,-----___\----,    Mark Murphy
      \--(o)----(o)--'  Derry, NH, USA
    http://m.j.murphy.home.comcast.net/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


----- Original Message ----- 
From: <HallGrenn at aol.com>
To: <virtualvairs at corvair.org>
Sent: Thursday, April 28, 2005 11:18 AM
Subject: Fwd: <VV> EBay warning


> It's called "phishing" and we get them all the time too.  Some look really
> legit--some are riddled with bad grammar.  Any ads come via the net.
> Everything real from your bank etc. still comes by mail.
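
Added example, not part of the original post or the quoted message: the self-only echo described in the reply above, shown as a page that reflects a value from the clicked link without encoding, next to the same page with output encoding. The `user` parameter, the function names and the `example.test` hosts are assumptions made up for illustration.

```javascript
// Constructed illustration; every name and URL here is hypothetical.

// Encode the characters that let submitted text be parsed as HTML markup.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

// "Before": the value is echoed only to the person who submitted it, so the
// site skips encoding. A value carried in an emailed link is still "submitted
// by you" as far as the server can tell.
function renderLoginUnsafe(linkUrl) {
  const user = new URL(linkUrl).searchParams.get("user") || "";
  return `<p>Login failed for ${user}. Please try again.</p>`;
}

// "After": the same page, with the reflected value encoded on output.
function renderLoginSafe(linkUrl) {
  const user = new URL(linkUrl).searchParams.get("user") || "";
  return `<p>Login failed for ${escapeHtml(user)}. Please try again.</p>`;
}

// Check used below: did a script element survive into the page markup?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample link: the host is the legitimate site, only the
// parameter value was written by whoever sent the email.
const SAMPLE_LINK =
  "https://auction.example.test/login?user=" +
  encodeURIComponent('<script src="https://other.example.test/x.js"></script>');

function demo() {
  return {
    unsafeHasScript: containsScriptTag(renderLoginUnsafe(SAMPLE_LINK)),
    safeHasScript: containsScriptTag(renderLoginSafe(SAMPLE_LINK)),
    safeHtml: renderLoginSafe(SAMPLE_LINK),
  };
}

console.log(demo());
```
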


