IE still vulnerable to Phishing

By Roger on September 2, 2004 12:28 PM |

One of my users got an email supposedly from Suntrust which advised the user to go to https://internetbanking.suntrust.com/verify/default.asp otherwise their creditcard or account would be suspended. The url of actually went to http://219.117.228.247/verify. This is a computer in Japan running Redhat Linux.

Of course this is garden variety phishing. What I found interesting is that even on a fully patched version of Internet Explorer the real location is hidden from the user.

At this website, right clicking is prevented in IE. The addressbar displays a https:// suntrust url. The lock is missing down in the status bar.

Categories

Microsoft

Tags

About this Entry

This page contains a single entry by Roger published on September 2, 2004 12:28 PM.

MessageLabs announces partnership with Brightmail was the previous entry in this blog.

Infoworld's antiSPF article is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.

Subscribe to feed Subscribe to this blog's feed
Add to Google
Please contact me by leaving a comment where appropriate. Otherwise, you can click here to reveal an email address for me.
Got Backups? Get Safe Online Remember Rick Rescorla Powered by Movable Type 4.2-en

Search