[Sec] Lame Phishing Attempt

Just got a really lame phishing attempt from "PayPal". It's actually pretty sophisticated, here is the link with the associated Javascript:


<a href=3D"http://site4.apo=%6C%6C%6F%68%6Fsting.com/%6B%61%74%68%79%2D%77%65%62%38%38%2E=
%6E%65%74/httpdocs/webscr/"
onMouseOver=3D"window.status=3D'https://www.paypal.com';return true;"
onMouseOut=3D"window.status=3D' '; return true;">Click here to verify your Information</a>


So if you have Javascript turned on for mail, it masks the destination URL with paypal (though for Mozilla, the destination URL is simply not shown... is this a bug?)

Anyway, the sad part is that the URL doesn't seem to exist. How weak is that?

Comments

Popular posts from this blog

How to Fix a Jammed Toyota Camry Trunk

Chase Fraud Alert from SMS 28107

Analysis of What Information Angry Birds Collects