Apparently, there's CGing going around. Here's how they do it (not to educate you, you won't have the cookiegrabber PHP source anyway, but to let you look out for signs, and to read page source).

Firstly, they link offsite like that:

Code (Text):
<a href="http://istealyourcookie.urlhere.com" + "http://neopets.com">CLICK HERE TO GET HAXXED</a>

When you click the link, you're directed offsite for a split second. Here's how they do it:

Code (Text):
setTimeout( "window.location.href = 'http://www.neopets.com/pagetoreturnonneopets'", 1*1000 );

That's just the redirect-me-back-to-neopets part of the code. The cookie grabbing code is like that, and is explained here. (Image grabbed from some battledome chatter)

You left one important thing out: How they link to the other site. Until last week, there was an exploit (I won't say more than that) and trust me, you wouldn't have known that you were CGed. Now, you can still convince a user to click a link but it's highly inefficient.
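
For the "read page source" advice in the first post and the click-a-link point in the reply, here is an added example (not code from either poster) that lists the anchors in a piece of page source whose real destination is not neopets.com. `TRUSTED_HOST`, the function names, the base URL and the fourth sample link are assumptions constructed for illustration.

```javascript
// Added example: flag links in page source that lead away from the trusted site.
const TRUSTED_HOST = "neopets.com"; // assumption: the only domain treated as on-site

// True when host is the trusted domain itself or one of its subdomains.
function isTrustedHost(host) {
  host = host.toLowerCase().replace(/\.$/, "");
  return host === TRUSTED_HOST || host.endsWith("." + TRUSTED_HOST);
}

// Return one finding per anchor whose destination is off-site.
function findOffsiteLinks(html, baseUrl) {
  const findings = [];
  // Only the first quoted href value is followed; trailing junk is ignored.
  const anchorRe = /<a\b[^>]*?\bhref\s*=\s*(["'])(.*?)\1[^>]*>([\s\S]*?)<\/a>/gi;
  for (const m of html.matchAll(anchorRe)) {
    const href = m[2].trim();
    const text = m[3].trim();
    let url;
    try {
      url = new URL(href, baseUrl); // resolves relative links against the page
    } catch {
      findings.push({ href, text, reason: "unparseable href" });
      continue;
    }
    if (!/^https?:$/.test(url.protocol)) {
      findings.push({ href, text, reason: "non-http scheme " + url.protocol });
    } else if (!isTrustedHost(url.hostname)) {
      findings.push({ href, text, reason: "off-site host " + url.hostname });
    }
  }
  return findings;
}

// Constructed sample: two on-site links, the link quoted in the post,
// and a lookalike host that merely starts with the trusted name.
const SAMPLE = `
<a href="/inventory.phtml">My items</a>
<a href="http://www.neopets.com/neoboards/index.phtml">Boards</a>
<a href="http://istealyourcookie.urlhere.com" + "http://neopets.com">CLICK HERE TO GET HAXXED</a>
<a href="http://www.neopets.com.example.net/login">neopets.com login</a>
`;

for (const f of findOffsiteLinks(SAMPLE, "http://www.neopets.com/neoboards/topic.phtml")) {
  console.log(`${f.reason}: "${f.text}" -> ${f.href}`);
}
```

The host comparison is on the parsed hostname, so a trusted name appearing elsewhere in the tag or as a prefix of a longer hostname does not make the link pass.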