Submission + - fake amazon login page
tbonefrog writes: portswigger.net has a link to amazon to buy their book on hacking web applications. When on the real-looking amazon web page i clicked on 'add to wish list' and proceeded to enter my email and password. After I got done I was asked to enable popups, which amazon does not do. I also noticed that instead of the lock icon in the lower right corner of the screen there was a lock with a diagonal line across it. I'm just wondering how much damage was done in the minute or so it took me to change my amazon password.