Dailydave mailing list archives
Re: Interesting phish
From: Fyodor <fyodor () insecure org>
Date: Mon, 12 Feb 2007 13:13:30 -0800
On Mon, Feb 12, 2007 at 02:16:23PM -0500, Tyler Krpata wrote:
> I had an interesting Bank of America phish pointed out to me...it gets around the "wrong URL" problem by popping up a new window which disables the location bar and creates a lookalike IE location bar of its own which contains a legit URL. This is something I had actually

IMHO, pages should not be able to hide your location bar, titlebar, or menubar, prevent you from resizing/moving/scrolling windows, or anything of the sort. Firefox has for many years offered config options to protect you from all this. Unfortunately, some of them are still not enabled by default. CERT has a good description here of the features (related to a similar spoofing exploit which used XUL):

http://www.kb.cert.org/vuls/id/262350

I don't know if IE offers this sort of protection. The release notes for IE7[1] at least note a way to prevent status bar spoofing (you need to enable this explicitly though) and they finally decided that web pages should not be able to secretly snarf all of the data in your clipboard.

Cheers,
Fyodor

[1] http://msdn2.microsoft.com/en-us/ie/aa740486.aspx

_______________________________________________
Dailydave mailing list
Dailydave () lists immunitysec com
http://lists.immunitysec.com/mailman/listinfo/dailydave
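
An added example, not part of the message above or of any Mozilla code: a small audit of a Firefox `prefs.js`/`user.js` for the window-chrome protections the message refers to. The preference names are legacy Firefox `about:config` names and are an assumption about the build being checked (later releases removed several of them); the sample profile is constructed.

```javascript
// Prefs that stop pages from hiding or spoofing window chrome.
// Assumption: legacy Firefox about:config names; verify against your build.
const REQUIRED = {
  "dom.disable_window_open_feature.location": true,   // location bar stays
  "dom.disable_window_open_feature.menubar": true,
  "dom.disable_window_open_feature.titlebar": true,
  "dom.disable_window_open_feature.status": true,
  "dom.disable_window_open_feature.resizable": true,
  "dom.disable_window_open_feature.scrollbars": true,
  "dom.disable_window_move_resize": true,
  "dom.disable_window_status_change": true,
};

// Parse user_pref("name", value); lines. Comment lines and commented-out
// prefs are skipped because the pattern is anchored at the line start.
function parsePrefs(text) {
  const re = /^\s*user_pref\(\s*"([^"]+)"\s*,\s*(true|false|-?\d+|"(?:[^"\\]|\\.)*")\s*\)\s*;/;
  const prefs = new Map();
  for (const line of text.split(/\r?\n/)) {
    const m = re.exec(line);
    if (!m) continue;
    // Booleans are decoded; integers and strings are kept as raw text.
    prefs.set(m[1], m[2] === "true" ? true : m[2] === "false" ? false : m[2]);
  }
  return prefs;
}

// Report every protection that is not explicitly enabled. "unset" means the
// build's default applies, which is not necessarily the protective value.
function auditPrefs(text) {
  const prefs = parsePrefs(text);
  return Object.entries(REQUIRED)
    .filter(([name, want]) => prefs.get(name) !== want)
    .map(([name]) => ({ name, found: prefs.has(name) ? prefs.get(name) : "unset" }));
}

// Constructed sample profile: two protections on, one explicitly off.
const SAMPLE = `
// Mozilla User Preferences
user_pref("browser.startup.homepage", "about:blank");
user_pref("dom.disable_window_open_feature.location", true);
user_pref("dom.disable_window_open_feature.status", true);
user_pref("dom.disable_window_move_resize", false);
`;

for (const f of auditPrefs(SAMPLE)) console.log(`${f.name}: ${f.found}`);
```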