EV SSL built into the new Internet Explorer 7 was supposed to inform you when a phishing site was masquerading as a legitimate site such as eBay or PayPal. The title bar in your browser will turn green for known safe sites, red for known phishing sites, and yellow for suspected phishing sites. PayPal have implemented EV SSL with a security certificate issued by Verisign (who have a strategic alliance with eBay and PayPal).
Now the Channel Register reports users logging into spoof PayPal and eBay sites which request additional information (social security number, bank details, credit card details, mother's maiden name, etc.) even though the address bar of IE7 is reporting the site as legitimate! Screenshots show not only IE7 reporting spoof sites as legitimate but Norton security software also declaring the sites to be safe. It is surmised that a DLL file that attaches itself to IE is managing to read and modify the HTML while in transit. This means that although the user is logged on to the authentic site, the page appearing in their browser has been tampered with.
All eBay and PayPal users should be aware that no security software is a replacement for vigilance and common sense. eBay are partners in the Get Safe Online campaign which offers advice on safe surfing.
2 Responses
No need to panic! This .dll exploit only affects Windows XP and Vista so very few people should be affected. Linux and Mac OS are unaffected as are all versions of the Firefox browser.
Wow just an awesome site. Love it keep the great work!!!