Some avid readers of The Register who also happen to be knowledgeable in the area of web server exploits, have found a vulnerability in redirection scripts on eBay's site that can be used as a backdoor to aid in phishing capers. Apparently, phishers are already exploiting the redirection script to make fraudulent emails look more convincing.
"I can host my eBay-alike phishing page anywhere I like, and use the above script to get users to click on it. The link is very definitely pointing to eBay, it's just that eBay will redirect to my phishing net. Very slick." - Register Reader.
Apparently, the Reg have notified eBay of the problem several times since Wednesday (23 February), but have not heard back from the company. Ouch.