[Q] How do phishing sites work?
...and are they browser-specific?
Three days ago I installed UC Browser (standard version, downloaded from the Play Store) to give it a spin (SGS3 i747 running 4.3). After importing all my bookmarks I visited Paypal. After the login page when using the native browser, Firefox or Dolphin I've always seen the same mobile version of their summary page but this time I got a very different stripped-down page with a big "Get the Paypal App" button on the top. I figured it was just a marketing thing. To get past that it had a 2nd login area. After sending my info it did show my account balance but everything else was the same on that sparse page--including the lack of transactions, links to details, functions & features, etc, etc. Now I had the uneasy feeling I had been scammed so I transferred most of my money out and changed my PW.
Why would I get re-directed to a phishing site ONLY when using UC Browser and always inputting the correct URL?
I notified my friend that recommended the app and he also got the bogus-looking login page--and he's using the HD version of the browser.
I haven't gotten a response from Paypal and after posting a bad review on the Play Store the developer only suggested I block the site with a plugin. That doesn't seem to address the issue.
I'm assuming UC Browser isn't evil--but could the version (9.9.2, 8/12/14) in the Play Store be hacked?
Post-login page links (correct, suspicious):
Recent Net10 refugee now on AT&T