[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [WEB SECURITY] Google Redirect URL actively used for Phishing

From: Jeremiah Grossman <jeremiah@xxxxxxxxxxxxxxx>
Subject: Re: [WEB SECURITY] Google Redirect URL actively used for Phishing
Date: Tue, 22 Aug 2006 13:17:20 -0700

Oh yah, no question that the attack vector is and has been used for a good while now. Just that many out there are not giving it the attention it deserves. Which used to be the case with XSS.

Regards,

Jeremiah-


On Aug 22, 2006, at 1:09 PM, Collin Jackson wrote:

This is not new. I've seen phishing sites using this technique for over a year.

On 8/22/06, Ryan Barnett <rcbarnett@xxxxxxxxx> wrote:
I got an Ebay one that used a Yahoo redirect in the same manner.
--
Ryan C. Barnett
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor, GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache
On 8/22/06, Jeremiah Grossman <jeremiah@xxxxxxxxxxxxxxx> wrote: > Caught this on RSnakes blog: > > Google Redirection Hole Used For Phishing > http://ha.ckers.org/blog/20060822/google-redirection-hole-used-for- > phishing/ > > He got a fake eBay email with the following linked url: (Clicking is > NOT recommended) > http://www.google.com/url?q=http://66.207.71.141/signin.ebay.com/ > Members_Log-in.htm > > While redirect URL functionality does not seem particularly dangerous > on the face of it, Phishers are using them to increase the > credibility of their attacks. > > > Regards, > > Jeremiah Grossman > Chief Technology Officer > WhiteHat Security, Inc. > http://www.whitehatsec.com > > --------------------------------------------------------------------- ------- > The Web Security Mailing List: > http://www.webappsec.org/lists/websecurity/ > > The Web Security Mailing List Archives: > http://www.webappsec.org/lists/websecurity/archive/ > http://www.webappsec.org/rss/websecurity.rss [RSS Feed] > >
---------------------------------------------------------------------- ------ The Web Security Mailing List: http://www.webappsec.org/lists/ websecurity/

The Web Security Mailing List Archives: http://www.webappsec.org/ lists/websecurity/archive/ http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

---------------------------------------------------------------------------- The Web Security Mailing List: http://www.webappsec.org/lists/websecurity/

The Web Security Mailing List Archives: http://www.webappsec.org/lists/websecurity/archive/ http://www.webappsec.org/rss/websecurity.rss [RSS Feed]

References:
- [WEB SECURITY] Google Redirect URL actively used for Phishing
  - From: Jeremiah Grossman
- Re: [WEB SECURITY] Google Redirect URL actively used for Phishing
  - From: Ryan Barnett
- Re: [WEB SECURITY] Google Redirect URL actively used for Phishing
  - From: Collin Jackson

Prev by Date: Re: [WEB SECURITY] Google Redirect URL actively used for Phishing
Next by Date: Re: [WEB SECURITY] Google Redirect URL actively used for Phishing
Previous by thread: Re: [WEB SECURITY] Google Redirect URL actively used for Phishing
Next by thread: Re: [WEB SECURITY] Google Redirect URL actively used for Phishing
Index(es):
- Date
- Thread

Brought to you by http://www.webappsec.org
Search this site