Jun 28 2007 ~ "Websense Security Labs has discovered an eBay phish utilizing a chain of eBay, DoubleClick and AOL redirectors. The initial redirector on eBay will only redirect a user to another site if the correct eBay partner ID is provided. In this incident, the URL provided first redirects the user to the second redirector hosted on DoubleClick's advertisement server at us.ebayobjects.com... This second redirector by DoubleClick is then used to redirect the user to the third redirector hosted on AOL...
Finally, the redirector on AOL is then used to redirect the user to the eBay phish site which appears to be hosted on someone's home cable Internet connection... We already had this phishing URL categorized in our database and is known as an eBay phishing site. This particular incident is of interest not only because of its use of redirectors, but the chaining of redirectors and the initial use of an eBay redirector to finally direct the user to an eBay phish site. The fact that the first redirector belonged to ebay.com definitely helped make this eBay phish URL look legit at a quick glance..."
(Screenshot at the URL above.)
Edited by apluswebmaster, 28 June 2007 - 09:49 PM.