BugTraq
IE URL Issue Being Used In Phishing In the Wild [USBank] May 13 2004 10:30PM
Drew Copley (dcopley eeye com) (2 replies)
Re: IE URL Issue Being Used In Phishing In the Wild [USBank] May 15 2004 05:18AM
Nick FitzGerald (nick virus-l demon co uk)
"Drew Copley" <dcopley (at) eeye (dot) com [email concealed]> wrote:

<<snip>>
> The webpage attempts to throw up a little url bar of it's own
> which covers IE's url bar. This allows a pretty convincing spoof
> job to happen.
>
> The pop up looks just like IE's url bar, and it is even selectable.
>
> This does not work in Netscape.

This was also reported at antiphishing.org:

http://www.antiphishing.org/phishing_archive/05-13-
04_US_Bank_(Found_error).html

and it sounds similar to an earlier incident reported there in late
March:

http://www.antiphishing.org/news/03-31-04_Alert-FakeAddressBar.html

> It is very similiar to Malware's issues of late.

Sorry -- I'm going to have to ask you to expand on that (perhaps I
missed something from http-equiv?).

Regards,

Nick FitzGerald

[ reply ]
Re: IE URL Issue Being Used In Phishing In the Wild [USBank] May 14 2004 05:44PM
Todd C. Campbell (todd campbell core com)


 

Privacy Statement
Copyright 2010, SecurityFocus