Ironworks Gaming Forum - View Single Post - RE: Fake Paypal E-mail

Night Stalker · 03-23-2004, 04:39 PM

The email is a fraud. It takes advantage of a known security bug in IE where formating a hyperlink in a particular way will spoof the user into thinking they are on one site (address bar and status bar report the expected URL) but they are actually on another.

So, while https ://paypal.com/whatever may look like a real paypal page, you are nowhere near the paypal domain.

An example link is here:

Ironworks Homepage

Milage of this link may vary .... but the status and address bars should report the URL as http://www.ironworksforum.com but the link takes you to a Google query with news articles about this flaw ..... I mean - feature!

[ 03-23-2004, 04:49 PM: Message edited by: Night Stalker ]

03-23-2004, 04:39 PM	#20
Night Stalker Lord Ao Join Date: June 24, 2002 Location: Nevernever Land Age: 51 Posts: 2,002	The email is a fraud. It takes advantage of a known security bug in IE where formating a hyperlink in a particular way will spoof the user into thinking they are on one site (address bar and status bar report the expected URL) but they are actually on another. So, while https ://paypal.com/whatever may look like a real paypal page, you are nowhere near the paypal domain. An example link is here: Ironworks Homepage Milage of this link may vary .... but the status and address bars should report the URL as http://www.ironworksforum.com but the link takes you to a Google query with news articles about this flaw ..... I mean - feature! [ 03-23-2004, 04:49 PM: Message edited by: Night Stalker ] __________________ [url]\"http://www.duryea.org/pinky/gurkin.wav\" target=\"_blank\">AYPWIP?</a> .... <img border=\"0\" alt=\"[1ponder]\" title=\"\" src=\"graemlins/1ponder.gif\" /> <br />\"I think so Brain, but isn\'t a cucumber that small called a gherkin?\"<br /><br />Shut UP! Pinky!