Phishers hack eBay

A flaw has been discovered on eBay’s website that would have allowed fraudsters to successfully redirect the sign-on process to a phishing site.

Reported by British antiphishing outfit Netcraft, the clever scam apparently started with fraudsters sending e-mails asking eBay users to update their accounts. So far so normal, as such fake eBay e-mails are currently one of the phishing world’s persistent lines of attack.

Disarmingly, however, the link provided was genuine and led to the correct eBay sign-in page, signin.ebay.com. If users clicked on this, parameters embedded in the otherwise normal stream of characters at the end of the link actually redirected users away from the page after the sign-in page to a fake phishing page, via an open relay hosted at servlet.ebay.com.

The end result would have been that users gave away information allowing phishers to hijack their accounts, either as a way of laundering money or for launching fake auctions.

According to Netcraft’s Paul Mutton, the company first learned of the attack from users of its antiphishing toolbar — which stops the attack — and reported the flaw to eBay last week.

This is not the first time such an attack has been attempted on eBay users. In March, phishers launched an almost identical redirect-style attack, which spoofed the sign-on page itself. Mutton said he considered the latest attack more subtle as it manipulated the real sign-on page, and would therefore be harder for users to detect.

“I believe this new exploit is more serious because it is more convincing,” Mutton said. “It is something they can prevent by enforcing stricter coding conventions.” At the time of going to press, eBay was unavailable for comment.

The moral is not to click on links in e-mails just because they look genuine, a fairly disturbing conclusion as this is one of the main criteria people use.

Netcraft’s toolbar, a web browser plug-in for Microsoft’s Internet Explorer and Mozilla’s Firefox, is designed to protect against phishing websites, not least by analyzing the sort of characters used in this attack.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now