Slashdot Mirror
Make a Date With Fraud
Rambo Tribble (1273454) writes "Netcraft is reporting that criminals are mounting massive phishing attacks through online dating sites. The scams are numerous and target multiple sites. Actual methods range from blackmail to 419-style scams. Characteristically, fraudsters hijack an existing account on one of the services, then use that as a portal to deliver a PHP script to compromise the site. 'The latest attacks make use of a phishing kit which contains hundreds of PHP scripts, configured to send stolen credentials to more than 300 distinct email addresses.' The BBC offers additional insights ."
I wondered why my date had me show up with a $50,000 money order......
The only thing necessary for evil to triumph is for it to be pitted against a slightly greater evil
Nothing surprising here, the date sites are just attacked because the operators are to dumb do make their site secure and there are a lot of people there. Any other type of site with the same characteristics is equally a target, the connection to "dating" is pure coincidence.
Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
Hmmm...posted to SlashDot...on a Friday night.
Looking at the code provided by NetCraft, and RTFA, it looks like a bogus php $_post transaction is sent to a php web service? So if the web service doesn't verify the inputs, then that would be an entry point where a script vectors in? I guess the real question is, "How to prevent a PHP script being executed when it is being read in as an $_post element? Another question is, "What command sequence causes this?"
catphishing?