Symantec researchers report that as the number of different online auction sites increases, phishers have discovered a new opportunity in the form of fake auction marketing tools.

"In a recent blog post, Symantec research Matthew Maniyara sketched out the process by which phishers are tapping into the power of (phony) auction marketing to expand their own business interests," writes eWeek's Matt Hines.

"Upon entering credentials onto the fake auction tools phishing sites, users are typically asked to verify back to the main online auction web site to obtain an access token," Hines writes. "Of course, when they follow through to that site, which warns them that if they do not get the token they will lose all access to the content they originally sought, they end up handing over any information they enter, which could include payment card data, to the attackers."

Click here to read the eWeek article.