Security Flaw Announced - Deceptive Links

  Jester2K II 18:51 11 Dec 2003
Locked

IE phishing scam exploit unearthed

click here

Quote

"Security researchers have discovered a way for scam artists to disguise more effectively the location of bogus Web sites.

A flaw in the way IE displays URLs in the address bar takes the old trick of fooling users into visiting dodgy sites to the next level."

Details of a new scam that can be used to make "phishing" e-mails look even more credible. A link in the e-mail takes you to the Microsoft / eBay / LloydsTSB / NatWest etc. etc. site - or does it?

  Pesala 18:56 11 Dec 2003
  Djohn 19:17 11 Dec 2003

I'm a little confused here, [Usually happens]. Clicked on your link to the register page then the "Test exploit link" from there.

New blank window opens with the button "Test exploit". I clicked on that and the message said:

www microsoft com should be in the address window. It was, so does this mean that my system passed the test OK, or is it referring to the dingbat address in the previous window and saying that I would be under the impression that was where I was going when I clicked the button? :o(

  VoG II 19:23 11 Dec 2003

It actually takes you to

http: //www. microsoft.com@zapthedingbat.com/security/ex01/vun2.htm

  Pesala 19:27 11 Dec 2003

The point is that you are misled into thinking that you are at Microsoft's site, when you are not. Using this security flaw in Internet Explorer a spammer could make you do all sorts of things by making a website that looked like your bank's website for example, and showed the correct address, though it was the spammer's address.
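A way to check for the trick described in the post above, added here as an example and not part of the original thread: in a link of the form `http://user@host/`, everything before the `@` is a login name and the real destination is what follows it. The function names and the host-name pattern are assumptions of this sketch; the first sample is the address VoG II posted (spaces removed), the others are constructed.

```javascript
// Added example (not from the thread): show where a link really goes and flag
// a "user@" part that is dressed up to look like a host name.
// Uses the standard WHATWG URL class (Node.js or any modern browser).

// Assumption of this sketch: text shaped like "label.label" at the start of
// the userinfo is treated as a host-name look-alike.
const HOSTLIKE = /^[a-z0-9-]+(\.[a-z0-9-]+)+/i;

function inspectLink(href) {
  let url;
  try {
    url = new URL(href);
  } catch (e) {
    return { valid: false, realHost: null, decoy: null, suspicious: false };
  }
  // Between "//" and "@" is userinfo (username[:password]), never the host.
  const decoy = url.username;
  return {
    valid: true,
    realHost: url.hostname,            // the server that is actually contacted
    decoy: decoy,                      // what the reader is meant to notice
    suspicious: HOSTLIKE.test(decoy) && decoy.toLowerCase() !== url.hostname,
  };
}

// The address with the userinfo removed, i.e. what should be displayed.
function stripUserinfo(href) {
  const url = new URL(href);
  url.username = "";
  url.password = "";
  return url.href;
}

const samples = [
  "http://www.microsoft.com@zapthedingbat.com/security/ex01/vun2.htm", // from the thread
  "https://www.example.com/login",                  // constructed: no userinfo
  "ftp://alice@files.example.org/pub",              // constructed: ordinary user name
  "https://bank.example:pw@login.example.net/",     // constructed: host-like user name
];

for (const href of samples) {
  const r = inspectLink(href);
  console.log(r.suspicious ? "SUSPICIOUS" : "ok        ",
              "real host:", r.realHost, "| userinfo:", JSON.stringify(r.decoy));
}
```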

  Djohn 19:28 11 Dec 2003

Thanks VoG, so even though microsoft was showing in the address bar and the message said that is what I should see, I was in fact at the dingbat site?

  Djohn 19:28 11 Dec 2003

Thanks Pesala, posted before seeing your reply.

  VoG II 19:30 11 Dec 2003

Yes, that's right. The only reason I was aware of the "scam" was that, as Pesala said, Opera firstly warns you and then displays the above address in the address bar.

  Djohn 19:40 11 Dec 2003

Thank you Jester for bringing the scam to our attention. Thanks to VoG and Pesala for the explanation.

It's a scary world out there and we really do need to be aware of what we are doing. This forum comes to the rescue yet again in keeping us all up to date on what these people are attempting to do.

  cycoze 19:48 11 Dec 2003

Try it again, once the page is up, right click it and click on "Properties".

I did say this once before but the thread seems to have vanished!

Also put a link in for www .securiteam. com click here regarding "Chromeless Windows", there is a link on that page for a test showing why ActiveX signing dialogs cannot be trusted, how a false box can cover another, not good.

  ©®@$? 20:00 11 Dec 2003

Is this going to be patched soon?

This thread is now locked and can not be replied to.
