Paypal phishing w/o hosted HTML files

It is the first time I can see a phishing that doesn’t have a website to store the website !

This email came as a self sustained phishing solution.

It is written in HTML and JS and it has a FORM whos action is POST to a website which saves the data.

The submit button goes to http://www.webformdesigner.net/wfd_f2.php?id=QjfYrttfx8.

The website is not randomly chosen 😉

Web Form Designer is a legitimate company that produces such emails …

Have a look here:  http://www.webformdesigner.net/

The mail doesn’t have anything special in it. It asks for the usual stuff : CC number, PIN (never asked by a legitimate company or webshop) , etc.


© Copyright 2006 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch

Related Posts

Double Phishing: PayPal & eBay

Subject:PayPal & eBay From:”PayPal” Date:Thu, 6 Jul 2006 04:36:34 -0700 To:undisclosed-recipients:; This e-mail is the notification of PayPal Become One With eBay. We’re excited about this change because it allows us to offer you: * Easier access to all your account information* Enhanced Online Bill Payment * Transfer balances online * Mass Payment allows anyone […]

Discover more from Sorin Mustaca on Cybersecurity

Subscribe now to keep reading and get access to the full archive.

Continue reading