Phishing with Google

Well, still no response from google about the security flaw, so I’ve added in another more interesting example, this one replaces the google page with a simple form telling the user that google is now a subscription service and asking for their credit card details, then upon submission the info goes to my site, before returning the user to google with a thankyou - only works in windows IE (inserting dynamic script elements is easiest there) For those of you without IE, this is what it looks like:

Screenshot of Google Phishing Exploit

I think this sort of phishing would likely result in a large takeup. Hopefully google will start listening soon, this time I’ve posted to bugtraq too.

This entry was posted on Tue Oct 19 12:03:00 UTC+0100 2004 and is filed under General, General, Background Colours!.

Comments

  1. Francesco Says:
    null

    Sei stato grande!!! very, very good!!!

  2. Amir Says:
    Mon Jun 6 17:44:00 UTC+0100 2005

    gmail is crap as you can’t get an account beacuse nobody would send me an invertation and people ceep on breaking into my account wiht hotmail.com i have made one wiht yahoo but it is horrable. i have been waiting ot get an account for two years!!!