[GTER] No tópico de enganações on line...

Rodolfo Eduardo Nützmann lists at nutzmann.net
Wed Jan 14 11:57:38 -02 2004


http://www.securityfocus.com/news/7807

"Tuesday's edition of Microsoft's monthly bundle of security advisories features an omission that should keep online fraud artists and identity thieves happy: over one month after its discovery, there is no official patch available for a bug in Internet Explorer that lets swindlers pass off counterfeit websites as the real thing. "

...

"Experts have traditionally advised consumers to avoid these scams by carefully checking the address bar in their browser window to verify that they're actually on citibank.com, for example, before entering their password or account information. But the IE bug makes that advice obsolete: combined with URL obfuscation techniques already well known to phishers, IE helpfully transforms a clumsy fake like "www.citibank.com%01 at 211.239.150.170/login/login.htm" into the flawless counterfeit "www.citibank.com." "



More information about the gter mailing list