Phishing & BotNets
phishing attack May 01 2006 03:56AM
anon sumfin de (1 replies)
We had a phishing attack going on in our network for a while. What the attacker did was he created a fake website of a bank and managed to capture logins and passwords. The bank website was using different domains for its login and for its main website. For example, suppose the bank's website is aaa.com: when users went to this website and clicked on login, it opened a pop-up which had a URL something like aala.com. So what the attacker did was he just created the fake website of this login page in our network.

Now, according to me, if the bank had the same domain for login as for its main website, the attacker would have had to create a fake website of the whole website, and somehow that would have been easier to detect. What I want to know is, am I right? If they had the same domain, would it still have been possible to fake the login pop-up page while keeping the main site intact?

Another thing is, on the fake login page the attacker created, the only possible way to find out was to click on the lock at the status bar, which told that the security certificate is invalid. But the thing is, normal users don't click on it. I even doubt they know what it is. So is there any other way to detect these kinds of attacks?

Thanks, everybody.

RE: phishing attack May 01 2006 09:38PM
AJ Rembert (ajrembert stny rr com) (2 replies)
RE: phishing attack May 02 2006 01:29PM
David Dominick (dominickda corp earthlink net)
Re: phishing attack May 02 2006 03:11AM
Jason Ross (algorythm gmail com)


 

Copyright 2010, SecurityFocus