A weakness has been discovered in Internet Explorer, which can be exploited by malicious people to conduct phishing attacks.
The problem is that it's possible to display a popup with a somewhat spoofed address bar where a number of special characters have been appended to the URL. This makes it possible to only display a part of the address bar, which may trick users into performing certain unintended actions.
An example of the spoof is here:
Other related posts:
Air New Zealand launches Flexitime Membership (and how it can save you $$$)
Have an interest in retail payments and credit card interchange rates? Here’s your chance to have a say.
Fairfax takes journalism ethics and integrity to a whole new low with Stuff fibre
Comment by freitasm, on 27-Oct-2006 21:04
I read a good comment somewhere... Apparently this was known before RTM. But Secunia decided to release the information after this was public. Fact? Not sure, but suspicious nonetheless...
Add a comment
Please note: comments that are inappropriate or promotional in nature will be deleted.
E-mail addresses are not displayed, but you must enter a valid e-mail address to confirm your comments.
Are you a registered Geekzone user? Login to have the fields below automatically filled in for you and to enable links in comments. If you have (or qualify to have) a Geekzone Blog then your comment will be automatically confirmed and shown in this blog post.