TechTarget

Phishers exploit eBay's own sign in page

A bug in the eBay website has allowed fraudsters to launch a phishing attack using the online auction site’s own sign in page, security experts have warned.

A bug in the eBay website has allowed fraudsters to launch a phishing attack using the online auction site’s own...

sign in page, security experts have warned.

Phishing attacks – where fraudsters send out fake but official-looking emails in an attempt to steal bank details or other secure information – have homed in on eBay customers before.

Many users have received fake e-mails asking them to update their accounts by visiting a URL that leads to a phishing site.

But in the latest, more sophisticated attack, email recipients are directed to eBay’s own, genuine sign in page. The fraudsters have exploited a flaw on the sign in page and on another ancillary page to redirect victims to the phishing site after they have logged in, security firm Netcraft warned.

The scam relies on victims trusting the phishing page because they have been redirected from a genuine area of the eBay site.

 

 

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close