This Trojan uses spoofing technology, and appears to be an HTML page. It is designed to steal confidential information from eBay users. It is sent out in the guise of an important message from eBay. The message contains a link which utilizes the Frame Spoof vulnerability in Internet Explorer.

When the user clicks on the link, it leads to a spoofed page. If the user enters his/ her account details, they will be sent to the remote malicious user, who will then be able to access and change the user's profile. -

Linked by shanmuga Thursday, 24th November 2005 10:52AM