lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sat, 15 May 2004 17:18:17 +1200 From: Nick FitzGerald <nick@...us-l.demon.co.uk> To: bugtraq@...urityfocus.com Subject: Re: IE URL Issue Being Used In Phishing In the Wild [USBank] "Drew Copley" <dcopley@...e.com> wrote: <<snip>> > The webpage attempts to throw up a little url bar of it's own > which covers IE's url bar. This allows a pretty convincing spoof > job to happen. > > The pop up looks just like IE's url bar, and it is even selectable. > > This does not work in Netscape. This was also reported at antiphishing.org: http://www.antiphishing.org/phishing_archive/05-13- 04_US_Bank_(Found_error).html and it sounds similar to an earlier incident reported there in late March: http://www.antiphishing.org/news/03-31-04_Alert-FakeAddressBar.html > It is very similiar to Malware's issues of late. Sorry -- I'm going to have to ask you to expand on that (perhaps I missed something from http-equiv?). Regards, Nick FitzGerald
Powered by blists - more mailing lists