Full Disclosure mailing list archives
RE: US Bank scam
From: "Scott Dodson" <sdodson () sdodson com>
Date: Tue, 15 Jun 2004 19:24:54 -0400
-----Original Message-----
From: full-disclosure-admin () lists netsys com
[mailto:full-disclosure->admin () lists netsys com] On Behalf Of David Lederman
Sent: Tuesday, June 15, 2004 12:30 PM To: full-disclosure () lists netsys com Subject: [Full-disclosure] US Bank scam This is the best phishing scam I've seen yet: http://www.bis1bp.com/a12/index.html I have Windows Server 2003 fully patched and this works. The program
fakes >an address bar so this
would pass through most people's safety check, after all the address
bar >clearly has the correct
address.
There are bugs in the code, for example, all your Internet Explorer
windows >will now have this
address, but again for most people would only have one window open.
With XP SP2 build 2149 (RC2) it shows up immediately below the address bar. http://www.sdodson.com/phishing.jpg for a view. -- Scott _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- US Bank scam David Lederman (Jun 15)
- Re: US Bank scam Eric LeBlanc (Jun 15)
- RE: US Bank scam Scott Dodson (Jun 15)
- RE: US Bank scam Nick FitzGerald (Jun 15)
- <Possible follow-ups>
- Re: US Bank scam Hamby, Charles D. (Jun 15)
- Re: US Bank scam Nick FitzGerald (Jun 15)
- RE: US Bank scam Peter B. Harvey (Information Security) (Jun 15)
- RE: US Bank scam wszumera (Jun 15)