Spoofed Address Bar - Forged Paypal page

Another Spoof Email and Phishing Scam report by MillerSmiles.co.uk - click this image to go to our home page.

Spoofed Address Bar - Forged Paypal page
16th March 2004

please forward any scams you've received to spoof@millersmiles.co.uk

Report Summary
Date Reported	16th March 2004
Apparent Sender	Paypal
Return Address	n/a - see below
Subject	n/a - see below
Format	n/a - see below
Method	n/a - see below
Bogus Web Content?	Yes
URL of web content	spoofed address bar shows https://www.paypal.com/cgi-bin/webscr?cmd=_login-run but the actual page is located on a completely different server (in no way connected with Paypal)
RISK LEVEL	HIGH
WARNINGS	1. This is our second instance of address bar spoofing - where the browser address bar is coded out and replaced with images and text which look like the real address bar.

Our second instance of Address Bar spoofing targets Paypal...

No spoof email this time, we came across this bogus Paypal page (see images below) during our trawl of the net for 'nasties'. This bogus page also represents our second sighting of this new phishing phenomenon where the browser address bar is removed and replaced with text and images to give the appearance of a genuine web page.

Of-course, the whole page is one big con and any information which is submitted into this form is seemlessly sent on to the perpetrators using a PHP script.

You will notice from the image below, that parts of the address bar image are a different colour, but if the browser was set to use Windows Classic appearance, then you would not notice any difference (see this other example of Address Bar Spoofing to see what we mean). The yellow padlock symbol is also absent from the bottom of the browser frame (something that you would always see at a genuine secure page).

We may well see reports of spoof emails which direct users to this bogus page over the coming days, but we are more likely to see other examples of this worrying trend. In the mean time, please help build awareness of this emerging trend in Phishing Scams by informing friends and colleagues of this page and the use of Address Bar Spoofing. The more that people know, the less victims we will see.

The bogus web page ...

Address Bar Spoofing shown here with a bogus Paypal web page.

Snapshot showing the spoofed address bar made with images and text to give the bogus page a genuine appearance.


Stay informed of the latest Spoof Email Phishing Scams with either of our FREE alert services... Email Alerts Add your email address to our email alert service... Subscribe Privacy Policy RSS News Feed Tap into our Scam Alert service using your News Reader or Aggregator (including My Yahoo!). Scam Alert News Feed You can even put the latest alerts on your own web site.

Library of Spoof Email Phishing Scams Brief guide to Phishing Full article on spoof email scams Spoof URL Checker Link Checker Browser URL Spoofing Vulnerability Check Latest browser bug aids Phishing Scams - beware!

Click the arrow to return to previous page Home Guides... Book Terminology How to identify a first edition book Auction Watcher List of the main Auction Sites world wide
<table border='0' cellpadding='0' cellspacing='0' width='120' height='243'> <!--DWLayoutTable--> <tr> <td><a href='http://www.amazon.co.uk/exec/obidos/redirect-home/millersmile09-21' target=_top ><img src="http://images-eu.amazon.com/images/G/02/associates/recommends/default_120x243.gif" width=120 height=243 border="0" access=regular></a></td> </tr> <tr> <td height="1"><img src="../spacer.gif" alt="" width="120" height="1"></td> </tr> </table>

Spoofed Address Bar - Forged Paypal page 16th March 2004

Spoofed Address Bar - Forged Paypal page
16th March 2004