Fraud foray fools phishing filter
A new phishing technique allows attackers to bypass the fraud warnings issued by browsers such as Firefox and Chrome.
By Gregory Hale; Source: ISS Source
A new phishing technique allows attackers to bypass the fraud warnings issued by browsers such as Firefox and Chrome.
This move involves attaching an HTML document instead of sending a link, according to security firm M86Security. It remains unclear how many users have become victims so far.
Email recipients opening the HTML document in their browsers see a bogus PayPal form with the usual request to enter their access data due to alleged security issues. As the form processes locally on the user’s computer, the phishing filter doesn’t issue a warning because it only filters external URLs. A click on the “Submit” button then transmits the entered data to a PHP script on a (hacked) server using a POST request. The browser doesn’t warn about this either, according to M86Security.
While browsers should at least warn users when sending the data, M86Security stated two potential reasons why they won’t: As users don’t see the URL they access via POST requests, they can’t report it, and consequently the URL is missing in the browser filter’s blacklist. Most users can’t make anything of the HTML source code attached to the email, M86Security said.
Secondly, URLs which lead to a PHP script are very difficult to classify as phishing sites, M86Security said. It is hard to identify a phishing site without the accompanying HTML code which could, for instance, reveal whether a site pretends to be a banking site. This has apparently caused phishing campaigns to remain undetected.
M86Security didn’t state whether its assessment only refers to the filter lists maintained for Chrome, Firefox and other browsers, or whether it also includes those of the AV vendors, who maintain separate lists for their own filter products.
- Related News:
Blowout preventer overhaul way off - 26.04.2011 09:06- BP sues partners for Gulf disaster - 26.04.2011 09:06
- Blowout preventer not tested to shear pipe - 26.04.2011 09:05
- Even firewalls have holes - 26.04.2011 09:03
- Water utility suffers cyber incident - 26.04.2011 09:02
- Oak Ridge hit by cyber attack - 26.04.2011 09:01
Case Study Database
Get more exposure for your case study by uploading it to the Consulting-Specifying Engineer case study database, where end-users can identify relevant solutions and explore what the experts are doing to effectively implement a variety of technology and productivity related projects.
These case studies provide examples of how knowledgeable solution providers have used technology, processes and people to create effective and successful implementations in real-world situations. Case studies can be completed by filling out a simple online form where you can outline the project title, abstract, and full story in 1500 words or less; upload photos, videos and a logo.
Click here to visit the Case Study Database and upload your case study.
