Cross your fingers and click

UH!Mustaca!HTML

  30 June 2006

Description

Making what looks like a valid link to PayPal turn into a link to a phishing site using a FORM and a cleverly constructed INPUT tag.

Submitted by Sorin Mustaca.

Example

<FORM action=http://201.117.14.43:8090/xxev/cmd_run/index.php?>
<p><a href="https://www.paypal.com/cgi-bin/webscr?cmd=_login-run">
<font size="2" face="Arial, Verdana">
<INPUT style="BORDER-RIGHT: 0pt;
BORDER-TOP: 0pt; FONT-SIZE: 10pt; BORDER-LEFT: 0pt; CURSOR:
hand; COLOR: blue; BORDER-BOTTOM: 0pt; BACKGROUND-COLOR: transparent;
TEXT-DECORATION: underline" type=submit
value=https://www.paypal.com/cgi-bin/webscr?cmd=_login-run>
</font></a></p></form>

Poll

Will the current banking crisis lead to an increase in phishing attacks?
Yes
No
I don't know

Leave a comment
Jobs Career Sidebar

Virus Bulletin

In this month's magazine:
  • Does the punishment fit the crime?
  • Prophet and loss
  • All your MP3s are belong to us
  • Malware teaching considered harmful?
  • Il buono, il brutto, il cattivo
  • Lavasoft Ad-Aware 2008
  • The problem of backscatter – part 1
Virus Bulletin 09 2008
Subscribe now!
Virus Bulletin currently has 137,839 registered users.