Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

IE bug provides phishing tool

Dec 10, 2003 2:21AM PST

Patrick Gray
ZDNet Australia
December 10, 2003, 09:50 GMT

A flaw in Internet Explorer makes it easy for scammers to create dummy sites that look like legitimate ones, and try to steal information from Web users

A newly discovered bug in Microsoft's Internet Explorer Web browser may help fraudsters trick Internet users into divulging sensitive information and executing malicious code, according to a security researcher.


The new glitch allows a specially crafted URL, or link, to load a browser window that appears to be displaying any address the attacker wants -- this would enable a fraudster to load a window that would appear to be displaying www.zdnet.com.au, for example, but would in fact display content from another source. The problem will make it easier for scammers to trick Internet users into divulging personal details through "phishing scams", where emails purporting to come from the victim's Internet banking provider or another such site encourage them to re-enter details such as usernames and passwords, according to security research engineer Drew Copley.

More: http://news.zdnet.co.uk/internet/security/0,39020375,39118421,00.htm

Discussion is locked