Cross your fingers and click

UH!Mustaca!HTML

  30 June 2006

Description

Making what looks like a valid link to PayPal turn into a link to a phishing site using a FORM and a cleverly constructed INPUT tag.

Submitted by Sorin Mustaca.

Example

<FORM action=http://201.117.14.43:8090/xxev/cmd_run/index.php?>
 <p><a href="https://www.paypal.com/cgi-bin/webscr?cmd=_login-run">
 <font size="2" face="Arial, Verdana">
 <INPUT style="BORDER-RIGHT: 0pt;
 BORDER-TOP: 0pt; FONT-SIZE: 10pt; BORDER-LEFT: 0pt; CURSOR:
 hand; COLOR: blue; BORDER-BOTTOM: 0pt; BACKGROUND-COLOR: transparent;
 TEXT-DECORATION: underline" type=submit
 value=https://www.paypal.com/cgi-bin/webscr?cmd=_login-run>
 </font></a></p></form>

Entries

Cross your fingers and click

Spammers compendium entry - Cross your fingers and click

Whiter Shade of Pale

Spammers compendium entry - Whiter Shade of Pale

Slick Click Trick

Spammers compendium entry - Slick Click Trick

Now you see it; now you don't

Spammers compendium entry - Now you see it; now you don't

The Rake

Spammers compendium entry - The Rake

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.