RSS Feed
00.51
mobileinfo
The latest round of phishing attacks, focusing on the customers of the Bank of America and bypass the PayPal fraud protection built into the browsers Mozilla Firefox and Google Chrome by attaching a file in HTML spam.
According to M86 researcher Rodel Mendrez locally stored file opens a Web form that collects customer login credentials, credit card numbers and other sensitive information, and then use a POST request is a PHP application to Zap a legitimate web site, which is at risk. The exclusion of the use of more detailed requirements of the phishing page and flies completely under the radar cabin features protection fraud browsers.
"While the POST request sends information about some of the remote Web site, Google Chrome and Mozilla Firefox did not detect any malicious activity," writes Mendrez. "The month old phishing campaigns will remain undetected, it seems that this tactic is very effective."
There is no technical reason why can't browsers flag URL, which receives the POST request. The growing pile of linen Mendrez assumes that few PHP URL is reported as abusive, the majority of end users due to the technical knowledge required. HTML is not visible, there is little for the average user.
The tactic is similar to the M86 published last month, a self-extracting archive in the embedded email scams and also uses the compromised legitimate Web sites to circumvent the anti-phishing protections.
Fast-food maker Frito Lay, one of the companies, whose page is hacked to host a PHP script, just by the way, he was, says Mendrez. Since then, has been deleted.
There was no mention of how the Microsoft Internet Explorer responds to HTML Forms. ®
0 komentar:
Posting Komentar