bebi.myfastforum.org Forum Index
FAQ  Profile  Log in to check your private messages  Usergroups  Memberlist  Search  Join! (free)  Log in

New phishing technique discovered

 
Post new topic   Reply to topic    bebi.myfastforum.org Forum Index -> PC related matters
View previous topic :: View next topic  
Author Message
Bebi
The Management
The Management


Joined: 02 May 2006
Posts: 824


Location: West Yorkshire, UK
PostPosted: Tue Feb 06, 2007 1:12 pm    Post subject: New phishing technique discovered Reply with quote
Tuesday February 6, 11:00 AM
By Tom Young

A new ˜undetectable' phishing tactic has been hijacking the web pages of a major UK bank, according to security vendor Envisional.

Until now customers have been able to check a link in an email by moving the mouse over it, thus revealing a fraudulent URL addresses. But this new method shows the legitimate web address of the bank in question.

'This is a completely new and very dangerous threat,' said Envisional's chief executive officer, Michael Wheatley. 'Even wary, sophisticated online banking customers will be caught out by this latest form of attack.'

The new approach exploits a vulnerability in the web site of the bank, allowing a link to look like it directs the user to the legitimate site. Actually the link sends the user to a framed mock-up of the bank's page that is really part of the phisher's web site.

Gartner analyst John Pescatore says the attack is a variant of existing phishing techniques.

'There's big risks there for sure. I think it's a clever variation on things that have been done before, taking advantage of a vulnerability on a legitimate site to embed some malicious code,' he said. 'Any site that wants to make sure it's a trusted commerce site has to make sure it doesn't leave these vulnerabilities there.'

But PayPal chief information security officer Michael Barrett says these emails will be much less of a threat if users are educated.

'You could argue that if you could educate all of your users then there would be no such crime as phishing,' said Barrett. 'Firstly if you get emails out of the blue wait a few days. Typically if it's a phishing site it will have come and gone by then. Secondly just don't click on links in emails. Those two rules on their own will get you out of 98 per cent of the problems.'

http://uk.news.yahoo.com/06022007...hishing-technique-discovered.html


_________________
It is those who are perfectly sane who are driven the maddest by an insane world...


There is method behind my madness
Back to top
View user's profile Send private message Send e-mail Visit poster's website AIM Address Yahoo Messenger
Display posts from previous:   
Post new topic   Reply to topic    bebi.myfastforum.org Forum Index -> PC related matters All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Card File  Gallery  Forum Archive
Powered by phpBB © 2001 - 2005 phpBB Group
Theme myfs_bebi1 v1.5 par HEDONISM
CURRENT MOON
I'm
Bebi1st
on
Create your own free forum | Buy a domain to use with your forum