IE/Firefox/Safari phishing exploit found
I’ve been following the anti-phishing market recently (there are few good solutions), and was forwarded an article on a new pop-up exploit that enables a malicious site to take advantage of any ‘friendly’ popups on a bank’s website.
Check out this demonstration of the exploit on Citibank’s website:
http://secunia.com/multiple_browsers_window_injection _vulnerability_test/
There will always be either technical (keyloggers, browser expoits, etc) or social engineered solutions to nab people’s login information. You can’t stop phishing by protecting users from themselves, you need to stop it at the bank’s website.
Check out this demonstration of the exploit on Citibank’s website:
http://secunia.com/multiple
There will always be either technical (keyloggers, browser expoits, etc) or social engineered solutions to nab people’s login information. You can’t stop phishing by protecting users from themselves, you need to stop it at the bank’s website.
1 Comment
RSS feed for comments on this post.
Sorry, the comment form is closed at this time.
[…] is a favorite topic of mine (1, 2). Great article on the efficacy of the user toolbar to flag phishing sites: […]