- Related Stories
-
EarthLink aims to block 'phishing' scams
April 19, 2004 -
Finding a way to fry spam
February 24, 2004 -
Commentary: Spammers must pay
December 16, 2003
Phishing is an Internet scam in which unsuspecting users receive official-looking e-mails that attempt to fool them into disclosing online passwords, user names and other personal information. Victims are usually persuaded to click on a link that directs them to a doctored version of an organization's Web site.
Get Up to Speed on...
Enterprise security
Get the latest headlines and
company-specific news in our
expanded GUTS section.
The Anti-Phishing Working Group (APWG), which was formed in November 2003 to provide a forum for financial institutions to share information about new phishing campaigns, recently warned its members about an attack that can modify the victim's browser by replacing the address bar with a Java applet. This allows the attacker to take the victim to any Web site but display the address of an official Web site in the browser's window, increasing the chances of fooling people.
According to the APWG's Web site, the new attack targeted Citibank customers at the end of March. "This sophisticated new attack automatically detects the consumer's browser and applies a custom JavaScript that replaces the look and feel of the Web address bar with an appropriately designed working fake. You can even type in the bank's Web address directly into the fake address bar--this is a live piece of JavaScript code, not a static fake address bar image," the organization said.
Munir Kotadia of ZDNet UK reported from London.
See more CNET content tagged:
phishing,
MessageLabs Ltd.,
address bar,
victim,
attack
- Norton/Symantec phish?
- I have gotten several "Undeliverable" messages in my main email inbox lately, they are all reporting attempts to email various address with a .ru domain, and the sender shows a name in some other Eastern European language with my email address in brackets after that name. This has me thinking I am victim to a remailing trojan of some sort, so I went to the Symantec site (www.norton.com is what I typed in) to look for discussions or forums; while there I clicked on the Updates button and it said I needed several updates to my Norton Systemworks and asked me to input account information. Now my installed Systemworks shows that I have all the latest updates for all components, so I became suspicious that perhaps this was not the "real" Norton site, anyone encountered problems such as this?
- Reply to this comment
- Java applet != JavaScript
- The article implies that a Java applet and JavaScript are the same thing, but they are completely different. Which is it?
- Reply to this comment
- What does this affect?
- Nowhere in the story does it say what browsers and what operating systems the phony tool bar can affect. I would like to know if it affects Mozilla or Firefox on Windows? Does it affect any browsers on Macintosh and if so which ones? I mostly use Linux for my web surfing, does it affect any browsers there?
- Reply to this comment
