Re: [WEB SECURITY] Google Redirect URL actively used for Phishing
- From: "Ryan Barnett" <rcbarnett@xxxxxxxxx>
- Subject: Re: [WEB SECURITY] Google Redirect URL actively used for Phishing
- Date: Tue, 22 Aug 2006 15:30:38 -0400
I got an eBay one that used a Yahoo redirect in the same manner.
--
Ryan C. Barnett
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor, GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache
On 8/22/06, Jeremiah Grossman <jeremiah@whitehatsec.com> wrote:
>
> Caught this on RSnake's blog:
>
> Google Redirection Hole Used For Phishing
> http://ha.ckers.org/blog/20060822/google-redirection-hole-used-for-phishing/
>
> He got a fake eBay email with the following linked url: (Clicking is
> NOT recommended)
> http://www.google.com/url?q=http://66.207.71.141/signin.ebay.com/Members_Log-in.htm
>
> While redirect URL functionality does not seem particularly dangerous
> on the face of it, Phishers are using them to increase the
> credibility of their attacks.
>
>
> Regards,
>
> Jeremiah Grossman
> Chief Technology Officer
> WhiteHat Security, Inc.
> http://www.whitehatsec.com
>
>
> ----------------------------------------------------------------------------
> The Web Security Mailing List:
> http://www.webappsec.org/lists/websecurity/
>
> The Web Security Mailing List Archives:
> http://www.webappsec.org/lists/websecurity/archive/
> http://www.webappsec.org/rss/websecurity.rss [RSS Feed]
>
>
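
An added example, not part of the original thread: a mail-filter style check that flags links whose query string carries an absolute URL pointing at a different host, which is the pattern in the link quoted above. The function names and the path heuristic are assumptions made for this illustration.

```python
import ipaddress
import re
from urllib.parse import parse_qsl, urlsplit

# Heuristic (assumption): a path segment with two or more dots that ends in a
# TLD-like label, e.g. "signin.ebay.com", is treated as a decoy hostname.
HOST_IN_PATH = re.compile(r"^(?:[a-z0-9-]+\.){2,}[a-z]{2,}$", re.I)


def is_ip_literal(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False


def redirect_findings(url):
    """Return one finding per query parameter that carries an absolute
    http(s) URL pointing at a host other than the one in the link."""
    outer = urlsplit(url)
    findings = []
    for name, value in parse_qsl(outer.query, keep_blank_values=True):
        try:
            inner = urlsplit(value)
        except ValueError:  # malformed value, not a usable URL
            continue
        if inner.scheme not in ("http", "https") or not inner.hostname:
            continue
        if inner.hostname.lower() == (outer.hostname or "").lower():
            continue
        reasons = ["off-host target"]
        if is_ip_literal(inner.hostname):
            reasons.append("target is a bare IP address")
        decoys = [s for s in inner.path.split("/") if HOST_IN_PATH.match(s)]
        if decoys:
            reasons.append("hostname-like path segment: " + ", ".join(decoys))
        findings.append({"via": outer.hostname, "param": name,
                         "target": inner.hostname, "reasons": reasons})
    return findings


if __name__ == "__main__":
    # The link quoted in the message above
    link = "http://www.google.com/url?q=http://66.207.71.141/signin.ebay.com/Members_Log-in.htm"
    print(redirect_findings(link))
```
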