Things like this are the very kiss of death as far as the internet is concerned, and I wholeheartedly agree with Bill Thompson's penultimate paragraph:-
"Sorting out online security, clamping down on the fraudsters and stopping the scams has to be a priority, because without e-commerce the modern internet simply would not exist. The net may have started as a publicly funded resource, but these days it is a private sector operation."
I read a similar story about this via Google news beta the other day. It gave me a link to a test page, to test my browser. On their website it said that Firefox 1.0 is effected, yet when I ran the test it displayed the correct page - both on the 'pop-up blocker' and the 'No pop-up blocker' tests.
Ill try and find the test again, and post it here so everyone can give their browser a test.
PS: When I did it in IE the SP2 pop-up blocker went nuts on one test, and then showed the wrong page on the other test.
firefox 1 seems vulnerable if it's pop up blocker turned off, but not if turned on.
But the two tests seemed to work identically either way.
I only got redirected if i turned the pop up blocker off, veiwed the page, and then refreshed the page. Just viewing it the first time was ok. But if i then hit refresh, i got re-directed. Odd. Perhaps i am missing the point?