Folks, this isn't an https (or even http) problem. It is a tough user interface issue.

Note: The form posting goes to www.pos2life.biz, which doesn't remotely look like paypal.com!

To make matters worse, there are plenty of businesses that send you legitimate email that comes from a "random" looking place. Just today I received one from MIT's Alumni Association, but the actual source was something like m0.email-foobar.com (or something). Obviously the Alumni Association outsources the sending of the mail to some third party company. So even if we came up with some fancy way of saying "This form doesn't post to the same place this page came from [never mind that the origin of an e-mail form is ill defined]", it won't help.

I also received this scam mail. There were only two hints of badness (besides the obvious request for personal info that paypal shouldn't need): one was the form posting and the other was the "Received-by" line which my mail system put on the message, which showed its origin at a suspicious place (I believe in Japan, but I may have remembered wrong; it didn't look right at the time).

This is a social problem. Technical measures can help, but won't solve it, I am afraid.

-Jeff

Roy M. Silvernail wrote:
On Sunday 08 June 2003 06:11 pm, martin f krafft wrote:
also sprach James A. Donald <jamesd@echeque.com> [2003.06.08.2243 +0200]:
(When you hit the submit button, guess what happens)
How many people actually read dialog boxes before hitting Yes or OK?
It's slightly more subtle. The action tag of a form submission isn't usually visible to the user like links are. In the scam copy I received, all the links save one pointed to legitimate PayPal documents. Only the <form action= gave it away, and you have to view source to see that.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
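Added example, not part of the thread or written by any of its participants: a mail-filter style check that surfaces the one thing the messages above say the user never sees, the form's action target, and compares it with the site the visible links point to. The function names, the two-label "site" approximation and the sample message (including the http scheme on the form target) are assumptions constructed for illustration.

```python
from collections import Counter
from html.parser import HTMLParser
from urllib.parse import urlsplit

class Targets(HTMLParser):
    """Collect link hosts and form action URLs from an HTML mail body."""
    def __init__(self):
        super().__init__()
        self.link_hosts, self.form_actions = [], []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a" and a.get("href"):
            host = urlsplit(a["href"]).hostname   # None for mailto:, relative
            if host:
                self.link_hosts.append(host)
        elif tag == "form":
            self.form_actions.append(a.get("action") or "")

def site(host):
    # Assumption: the last two DNS labels approximate the "site".
    # A production filter would consult the Public Suffix List instead.
    return ".".join(host.lower().split(".")[-2:])

def suspicious_forms(html):
    """Return (action, form_site, link_site) for every form that posts to a
    site other than the one most of the message's visible links point to."""
    p = Targets()
    p.feed(html)
    sites = Counter(site(h) for h in p.link_hosts)
    if not sites:
        return []
    dominant = sites.most_common(1)[0][0]
    findings = []
    for action in p.form_actions:
        host = urlsplit(action).hostname
        if host and site(host) != dominant:
            findings.append((action, site(host), dominant))
    return findings

# Constructed sample shaped like the message described in the thread:
# every link goes to the real site, only the form action does not.
SAMPLE = """<html><body>
<a href="https://www.paypal.com/help">Help</a>
<a href="https://www.paypal.com/privacy">Privacy</a>
<form action="http://www.pos2life.biz/" method="post">
<input name="card" /><input type="submit" value="Submit" />
</form></body></html>"""

if __name__ == "__main__":
    for action, form_site, link_site in suspicious_forms(SAMPLE):
        print(f"form posts to {form_site} ({action}); links point to {link_site}")
```

As the first message notes, legitimate senders that outsource their mail will trip the same comparison, so a hit is a reason to show the target to the user or an analyst, not a verdict.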