Scripts in eBay Postings May Enable Phishing

Wiz Feinberg · Post by **Wiz Feinberg** » 29 Apr 2006 11:44 am

US-CERT Cyber Security Alert SA06-117A --
Scripts in eBay Postings May Enable Phishing Attacks
Original release date: April 27, 2006

Systems Affected:

The eBay web site may contain pages that affect various web browsers.

Overview:

A vulnerability in the eBay web site may allow an attacker to steal personal information from eBay customers.

Solution:

Verify the legitimacy of eBay web pages

Attackers may use the vulnerability to perform a phishing attack.

Make sure that the URL is accurate, and check the web site certificate to make sure that you are visiting an authentic eBay web page.

I have more details about this alert on my Blog, along with recommendations and workarounds.

------------------
Bob "Wiz" Feinberg
Moderator of the SGF Computers Forum
<small>Visit my Wiztunes Steel Guitar website at: http://www.wiztunes.com/
or my computer troubleshooting website: Wizcrafts Computer Services,
or my Webmaster Services webpage.
Learn about current computer virus and security threats here.
Read Wiz's Blog for security news and update notices</small>

Colm Chomicky · Post by **Colm Chomicky** » 2 May 2006 4:22 am

Crooks are phishing ? - Why those bottom-dwelling dirty little BASSturds