eBay Scrambles to Fix Phishing Bug

← Back to Stories (view on slashdot.org)

eBay Scrambles to Fix Phishing Bug

Posted by Zonk on Saturday March 5, 2005 @09:21AM from the watch-where-you-click dept.

Paul Laudanski writes "c|net is reporting that eBay is scrambling to fix a software glitch which opens doors to phishing attacks via one of its own valid URLs. "The flaw may have already allowed individuals to use one of eBay's URLs to trick unsuspecting parties into visiting malicious sites, the company representative said.""

4 of 131 comments (clear)

Min score:

Reason:

Sort:

Scrambling? by Ulric · 2005-03-05 09:26 · Score: 5, Interesting

Maybe they are scrambling, but it sure seems like it is still working:
http://cgi4.ebay.com/ws/eBayISAPI.dll?MfcISAPIComm and=RedirectToDomain&DomainUrl=http://siag.nu/
That's a link to ebay.com which redirects to siag.nu. And it doesn't look like a glitch, it looks like it's on purpose.
In other news... by Anonymous Coward · 2005-03-05 09:29 · Score: 5, Funny

Slashdot Scrambles to Fix Dupes
Re:Phishing EBay by X0563511 · 2005-03-05 09:36 · Score: 5, Insightful

Lots of people use the same password for everything. If i were to net a bunch of Ebay account passwords, i could stand a decent chance of getting into the paypal accounts of at least a few of them.

--
For large sets, this will be our guide even unto death, for the LORD will work for each type of data it is applied to...
My advice... by wotevah · 2005-03-05 10:07 · Score: 5, Insightful

...has always been to never click on emailed links pertaining to anything important, especially banking and such.

Bookmark all the financial sites you use, and whenever you receive emails with such "friendly" links, use your bookmark instead, to log in to the site. If it was important, you will see it on the next page there.

I never click on the links even when I know they are legit (to avoid forming a habit).