Tweet
Phisherman's friend
By John Leyden
Published Thursday 26th October 2006 10:57 GMT
Security researchers have identified a pop-up address bar spoofing weakness in Microsoft's newly released Internet Explorer 7 browser. The flaw, first reported by security notification firm Secunia, might lend itself to phishing attacks and remains currently unpatched.
The security bug creates a means for hackers to display a popup with partially spoofed address bar where a number of special characters have been appended to a URL. Only part of the address bar will be displayed, creating a possible mechanism to trick users into believing they are visiting a trusted site rather than one controlled by hackers.
By John Leyden
Published Thursday 26th October 2006 10:57 GMT
Security researchers have identified a pop-up address bar spoofing weakness in Microsoft's newly released Internet Explorer 7 browser. The flaw, first reported by security notification firm Secunia, might lend itself to phishing attacks and remains currently unpatched.
The security bug creates a means for hackers to display a popup with partially spoofed address bar where a number of special characters have been appended to a URL. Only part of the address bar will be displayed, creating a possible mechanism to trick users into believing they are visiting a trusted site rather than one controlled by hackers.
Comment