FYI...

- http://preview.tinyurl.com/2xm5vb
March 3, 2008 (Symantec Security Response Weblog) - "...Our spam traps caught a series of emails purporting to be from a disgruntled eBay user demanding an answer regarding a recent transaction. The emails contain a number of hyperlinks to the product in question which, when clicked, results in a browser-based FTP transaction to a remote host which displays a carbon copy of the legitimate eBay login page. What caught my attention was the inclusion of one of eBay's security tips within the fraudulent copy... One only needs to follow this advice to see that the page they are on is indeed suspicious... A regular Internet user will, in time, become less security conscious as they become more familiar with the sites they frequent. While they subconsciously check the sites' validity via the recollection of the site by memory, only significant changes are most likely to be recognized immediately. Changes to the URL, or to parts of the page that are farther away from the focus area (which is the login form in this case) are often not rechecked. Phishers know this, and rely on their victims to speedily log in without visually verifying the most important security indicators such as the URL. It is highly unlikely that users will scrutinize each and every site they traverse for indications of phishing, however incorporating a quick visual inspection of the URL when accessing banking, trading, auction, retail or any other services that deal with sensitive personal information will foil a high number of these attacks. A few seconds could save you a big headache. We need to be aware every time we log in - the attackers only need us to slip up once."

(Screenshot available at the URL above.)