SecurityFocus

In-session phishing Jan 08 2006 12:53AM
Matt Richard (matt richard gmail com) (1 replies)

I recently heard rumors of several financial institutions impacted by
"in-session phishing". The description of the attack was that the
user would log in to their internet banking site and shortly after a
pop-up would appear with a "Security Confirmation" page requesting
personal information to allow continued use of the internet banking
site.

From the information I have been able to gather it appears that pop-up
is triggered by local malware on the end users pc. What makes this
interesting is that the attack may have been targeted at a specific
internet banking vendor that services small financial institutions. I
am under the impression that the site hosting the "Security
Confirmation" page has been taken down and unfortunately I don't have
any other details.

My questions to the list are:

1) Other than some older malware (Bugbear.B) and general purpose
keyloggers is anyone aware of malware used for similar "in-session"
phishing?

2) Has anyone heard or seen this specific method in use?

--
Matt Richard
http://www.mullingsecurity.com

[ reply ]

Re: In-session phishing Jan 08 2006 10:14AM
Rafael San Miguel Carrasco (smcsoc yahoo es) (1 replies)

Re: In-session phishing Jan 08 2006 01:09PM
Matt Richard (matt richard gmail com) (1 replies)

Re: In-session phishing Jan 08 2006 11:47AM
Lance James (bugtraq securescience net) (1 replies)

New to phishing Feb 17 2006 10:32AM
Athanatos Manos (mathanatos gmail com) (1 replies)

Re: New to phishing Feb 21 2006 01:26PM
Alice Bryson (abryson bytefocus com) (1 replies)

Re: New to phishing Feb 21 2006 02:38PM
Athanatos Manos (mathanatos gmail com)