Re: IE URL Issue Being Used In Phishing In the Wild [USBank]

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: IE URL Issue Being Used In Phishing In the Wild [USBank]
From: Nick FitzGerald <nick@xxxxxxxxxxxxxxxxxxx>
Date: Sat, 15 May 2004 17:18:17 +1200
In-reply-to: <81637804AB36A644BBDE3ED9DD4E73FDF6DB15@xxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Organization: Personal account
Priority: normal
Reply-to: nick@xxxxxxxxxxxxxxxxxxx

"Drew Copley" <dcopley@xxxxxxxx> wrote:

<<snip>>
> The webpage attempts to throw up a little url bar of it's own
> which covers IE's url bar. This allows a pretty convincing spoof
> job to happen. 
> 
> The pop up looks just like IE's url bar, and it is even selectable.
> 
> This does not work in Netscape.

This was also reported at antiphishing.org:

http://www.antiphishing.org/phishing_archive/05-13-
04_US_Bank_(Found_error).html

and it sounds similar to an earlier incident reported there in late 
March:

   http://www.antiphishing.org/news/03-31-04_Alert-FakeAddressBar.html

> It is very similiar to Malware's issues of late. 

Sorry -- I'm going to have to ask you to expand on that (perhaps I 
missed something from http-equiv?).


Regards,

Nick FitzGerald

References:
- IE URL Issue Being Used In Phishing In the Wild [USBank]
  - From: Drew Copley

Prev by Date: Re: Curious fileutils/coreutils behaviour.
Next by Date: Re: Curious fileutils/coreutils behaviour.
Previous by thread: Re: IE URL Issue Being Used In Phishing In the Wild [USBank]
Next by thread: RE: IE URL Issue Being Used In Phishing In the Wild [USBank]
Index(es):
- Date
- Thread