From: Plompetta (wiriowq_at_neibwdwqd.net)
Date: Sat, 5 Jun 2004 22:52:24 +0100
I don't really understand what is being said below by Mcaffee about this
virus. Are they saying that it is not a virus, but somehow McAfee detects
the page is fake and alerts the user accordingly?
This detection is for HTML pages which claim to be a legitimate billing page
that the user must enter their credit card and other personal information
into. For example the page may masquerade as an AOL or Paypal related page.
When the user enters information into the page and submits it, the data is
sent to the author of the trojan page (not AOL or PayPal etc). This is often
achieved by using remote Formmail scripts to send form data to a specified
Before sending your credit card information over web, always check to
confirm the address of the web page. Also confirm that the information will
be encrypted by checking that the lock icon in the status bar is closed. If
the lock icon is on the HTML page instead of the status bar, that can be
faked; if it's not on the status bar, it's not secure.