neil Posted 3 February 2004 Share Posted 3 February 2004 Just a warning to you all. Back in December an exploit was found in IE (5.01, 5.5 and 6) It allows one to show one URL in the address bar but actually take the victim to another. Here is a very simple page I've just created: http://www.stirton.com/test.htm The implications are huge. Barclays bank has just been hit by this. Someone made a spoof copy of their site and then sent out emails with the exploit and tricked customers into thinking that they were on the legit site. Link to comment Share on other sites More sharing options...
neil Posted 3 February 2004 Author Share Posted 3 February 2004 As of earlier today, if you do a Windows update then you should find a patch for IE that will prevent you from being "exploitable" from this security bug. http://windowsupdate.microsoft.com Link to comment Share on other sites More sharing options...
sjb1604 Posted 3 February 2004 Share Posted 3 February 2004 A properly updated virus scanner should also detect it as a trojan - mine does (McAfee 4.5.1 - kept up to date weekly) Link to comment Share on other sites More sharing options...
neil Posted 3 February 2004 Author Share Posted 3 February 2004 But it's not actually a trojan Si It's a Micky$oft "feature" Norton AV latest pattern file does not pick it up and nor would I really expect it to. Where it is likely to catch people out is where someone gets sent a faked HTML email that looks like it has come from their bank and asks them to log in. You will most likely be taken to a site that looks identical and log in and before you know it the 'fraudster' has your login details. Some Barclay's customers were hit by this a few weeks back. Link to comment Share on other sites More sharing options...
sjb1604 Posted 3 February 2004 Share Posted 3 February 2004 I know its not a real trojan but decent heuristics catch it all the same as you can see from the screen capture! I ditched Norton ages ago as it kept missing things even with the latest updates (my company did the same thing long before I did and switched to McAfee - they even managed to block all the last lot of worms!) Link to comment Share on other sites More sharing options...
RobertBeard Posted 4 February 2004 Share Posted 4 February 2004 I think this scam was also done a while ago by someone spoofing the Blomberg investment site in the US and got away with a load of money either because the info shown on the website affected the share price from which lots lost and one gained or through a spurious offer for sale of shares taken up by those taken in. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now