Not Your Average Phishing Scam

One of the first phishing scams to catch Security Fix's eye in the new year, a counterfeit login page may set the tone for the sophistication of online schemes involving fake bank and ecommerce sites in 2007. The bogus site, which was active as of early Tuesday morning, makes use of the real site in an effort to fool visitors into entering their real usernames and passwords.

This type of trick, known as a type of "man-in-the-middle" attack, logs the user into his or her account at, then it displays the data that Amazon serves up once the user is logged in. Visitors who supply bogus or otherwise incorrect usernames and passwords are shown a copy of the page Amazon users normally see if they mistype either of their credentials. Not Your Average Phishing Scam - Security Fix

Linked by shanmuga Thursday, 4th January 2007 2:31AM