Hugo Lopes wrote:
Spoof eBay messages are no news, but today I have received one that takes
the "spoof art" to new heights. Not only all return paths in the message
source were ebay addresses but the link included in the message was
*exactly* the same that is presented as genuine in eBay's help pages on this subject.
Hugo, I received also such a spoof today and it was hard to find the catch in it, but if you see the address the link is directed to you'll see: http://[EMAIL PROTECTED]:%31%39%39/%69%6E%64%65%78%2E%68%74%6D that translated to readable text becomes something like: http://[EMAIL PROTECTED]:31/index.htm that's where the spoofing server is located. Be aware of any web address with an "@" on it as it's a pretty unknown feature of the URI spec, that mandates the use of an "@" to specify user information (for authentication for example), but all the piece before the "@" will be ignored by a webserver without authentication turned on. In simple words it means that you're redirected to 211.47.191.125:31/index.htm , ignoring the rest of the URL. Not difficult at all, but does the trick of fooling most...
-regards,
Gerard.
* **** ******* *********************************************************** * For list instructions, including unsubscribe, see: * http://www.a1.nl/phomepag/markerink/eos_list.htm ***********************************************************
