Closed Bug 298920 Opened 20 years ago Closed 20 years ago

URL spoofing

Categories

(Firefox :: Security, defect)

Product:
Firefox
Component:
Security
Platform:
x86
Windows XP
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED DUPLICATE of bug 298903

People

(Reporter: tecnica, Unassigned)

References

(
URL
)

Details

User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; it-IT; rv:1.7.8) Gecko/20050511 Firefox/1.0.4 Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 5.1; it-IT; rv:1.7.8) Gecko/20050511 Firefox/1.0.4 Moving the mouse cursor on links does not display the url (as it should be). The address bar display the correct url: http://compsci.buu.ac.th/.ssl/.../ I've recived this url with thi email: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <html> <p><strong>Dear valued PayPal member, </strong></p> <p>Due to recent activity, including possible unauthorised transactions placed on your <br> account, we have temporarily suspended activity on your account in order to <br> allow us to investigate this matter further. If you believe that this action may <br> have been taken in error, or, if you feel that your account may have been <br> tampered with, please visit the <a href="http://compsci.buu.ac.th/.ssl/...">Resolution Center<a> so that we can provide additional <br> information and work with you to resolve this issue. </p> <p>We ask that you allow at least 72 hours for the <br> case to be investigated. Emailing us before that time will result in delays. We <br> apologize in advance for any inconvenience this may cause you and we would like <br> to thank you for your cooperation as we review this matter. <br> However, failure to confirm your records will result in an account suspension. <br> <br> Once you have verified/updated your account records your PayPal service will not be <br> interrupted and will continue as normal. <br> <br> Please follow the link below and confirm and/or update your account information. <br> <a href="http://compsci.buu.ac.th/.ssl/...">https://www.paypal.com/cgi-bin/webscr?cmd=login-run&action=update</a> <br> <br> If you have received this notice and you are not the authorised account holder, <br> please be aware that it is a violation of PayPal policy to represent oneself as <br> another PayPal user. Such action may also be in violation of local, national, <br> and/or international law. PayPal is committed to assist law enforcement with any <br> inquires related to attempts to misappropriate personal information with the <br> intent to commit fraud or theft. Information will be provided at the request of <br> law enforcement agencies to ensure that perpetrators are prosecuted to the <br> fullest extent of the law. <br> <br> Best Wishes, </p> <br> PayPal Service Department <br> PayPal Trust and Safety </html> Reproducible: Always
*** This bug has been marked as a duplicate of 298903 ***
Status: UNCONFIRMED → RESOLVED
Closed: 20 years ago
Resolution: --- → DUPLICATE
Group: security
You need to log in before you can comment on or make changes to this bug.