IE/Firefox/Safari phishing exploit found

Security by on October 14, 2004 at 10:56 pm
I’ve been following the anti-phishing market recently (there are few good solutions), and was forwarded an article on a new pop-up exploit that enables a malicious site to take advantage of any ‘friendly’ popups on a bank’s website.

Check out this demonstration of the exploit on Citibank’s website:

There will always be either technical (keyloggers, browser expoits, etc) or social engineered solutions to nab people’s login information. You can’t stop phishing by protecting users from themselves, you need to stop it at the bank’s website.

1 Comment

  1. […] is a favorite topic of mine (1, 2). Great article on the efficacy of the user toolbar to flag phishing sites: […]

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. | Dave Naffziger's BlogDave & Iva Naffziger