[pchelpers] New Phishing trick
- From: PcCowboy <saddle@xxxxxxxxxxxxxxxxxxx>
- To: pchelper <pchelpers@xxxxxxxxxxxxx>
- Date: Sat, 25 Jun 2005 10:32:00 -0500
There is a new Phishing trick out there as reported by:
http://www.aunty-spam.com/microsoft-advisory-on-web-browser-phishing-trick-involving-overlapping-browser-windows/
Microsoft has this week issued an advisory on a new trick which phishers
are playing with users’ web browsers, including Internet Explorer,
although other web browsers can be manipulated as well. The trick
involves the use of overlapping browser windows which are automatically
opened by a site which the user visits.
The way that it works is this: you visit a website - unbeknownst to you
a phisher’s website - and that site redirects you to a real, legitimate
site. So let’s say that you get an email with a link to YourBank.com,
but it’s really a link to ThatPhisher.com. However, ThatPhisher.com
invisibly redirects you to the real YourBank.com website, so what you
see is your bank’s real, legitimate website.
However, at the *same* time, as your browser hits and passes through
ThatPhisher.com, ThatPhisher.com causes your browser to pop up one or
more new windows or dialogue boxes, which prompt you to enter personal
information for YourBank.com (such as your account information or
password). You have no reason to think that the information is being
requested by anyone other than YourBank.com, because hey, you’re at the
real YourBank.com website!
Says the Microsoft advisory, “If a particular window or dialog box does
not have an address bar and does not have a lock icon that can be used
to verify the site’s certificate, the user is not provided with enough
information on which to base a valid trust decision about the window or
dialog box.”
Good advice.
What to do if you are presented with such a new window or dialogue box?
Close them, go to your main browser window, and manually type in the
address of the real website (in this case YourBank.com). If the window
or dialogue box pops up again, then it was likely legitimate. If it
doesn’t, well, you’ve just saved yourself from being phish phood.
Pc