[34906] in bugtraq
Re: IE URL Issue Being Used In Phishing In the Wild [USBank]
daemon@ATHENA.MIT.EDU (Nick FitzGerald)
Sat May 15 14:54:03 2004
Date: Sat, 15 May 2004 17:18:17 +1200
From: Nick FitzGerald <nick@virus-l.demon.co.uk>
In-reply-to: <81637804AB36A644BBDE3ED9DD4E73FDF6DB15@hermes.eCompany.gov>
To: bugtraq@securityfocus.com
Reply-To: nick@virus-l.demon.co.uk
Message-id: <40A650D9.325.1FD24BA6@localhost>
MIME-version: 1.0
Content-type: text/plain; charset=US-ASCII
Content-transfer-encoding: 7BIT
Content-description: Mail message body
"Drew Copley" <dcopley@eeye.com> wrote:
<<snip>>
> The webpage attempts to throw up a little url bar of it's own
> which covers IE's url bar. This allows a pretty convincing spoof
> job to happen.
>
> The pop up looks just like IE's url bar, and it is even selectable.
>
> This does not work in Netscape.
This was also reported at antiphishing.org:
http://www.antiphishing.org/phishing_archive/05-13-
04_US_Bank_(Found_error).html
and it sounds similar to an earlier incident reported there in late
March:
http://www.antiphishing.org/news/03-31-04_Alert-FakeAddressBar.html
> It is very similiar to Malware's issues of late.
Sorry -- I'm going to have to ask you to expand on that (perhaps I
missed something from http-equiv?).
Regards,
Nick FitzGerald
