26 Aug
2005
26 Aug
'05
7:56 a.m.
Can they not just check the referrer and if its the phish website, deny it..
Unfortunately, the damage has been done before the phishing website really makes any unsuspecting user click on a trademe related link. The form keeps redirecting to itself, so if they keep entering their data they will only end up in a loop. Though, throwing a nice "Change your password NOW plzkthxbye." would be appropriate in a trigger to clicking a link off the site. - Drew