NEWS FROM THE LAB - Friday, August 25, 2006

We Knew It Would Happen Posted by Era @ 12:08 GMT

Well, it did!

Specifically, somebody set up a PayPal phishing site which apparently is designed to perform a man-in-the-middle attack on your password. It displays a genuine-looking login box, and guess what?
You have to type in a valid PayPal user name and password — so it's probably doing a shadow login to the real PayPal site behind the scenes. Then, of course, the phisher has your password ... and credit card number, if you fill in that, too.

PayPal fake login screenshot

Luckily, we were alerted to this before it was actually spotted in the wild. We imagine the phisher is still working on going live with the site as we write this! Thanks to blog reader "Scarlet Pimpernel" for the tip-off, and to Kamil and Mikko for their research.

Needless to say, abuse notices about the phishing site have been sent.