Jump to content


eBay-DoubleClick-AOL redirect chain phish

  • Please log in to reply
No replies to this topic

#1 AplusWebMaster



  • SWI Friend
  • PipPipPipPipPip
  • 11,104 posts

Posted 28 June 2007 - 09:42 PM


- http://www.websense.....php?BlogID=133
Jun 28 2007 ~ "Websense Security Labs has discovered an eBay phish utilizing a chain of eBay, DoubleClick and AOL redirectors. The initial redirector on eBay will only redirect a user to another site if the correct eBay partner ID is provided. In this incident, the URL provided first redirects the user to the second redirector hosted on DoubleClick's advertisement server at us.ebayobjects.com... This second redirector by DoubleClick is then used to redirect the user to the third redirector hosted on AOL...
Finally, the redirector on AOL is then used to redirect the user to the eBay phish site which appears to be hosted on someone's home cable Internet connection... We already had this phishing URL categorized in our database and is known as an eBay phishing site. This particular incident is of interest not only because of its use of redirectors, but the chaining of redirectors and the initial use of an eBay redirector to finally direct the user to an eBay phish site. The fact that the first redirector belonged to ebay.com definitely helped make this eBay phish URL look legit at a quick glance..."

(Screenshot at the URL above.)

Good grief.


Edited by apluswebmaster, 28 June 2007 - 09:49 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...

Member of UNITE
Support SpywareInfo Forum - click the button