PPRuNe Forums - View Single Post - New Internet Explorer Security Issue
Thread: New Internet Explorer Security Issue
View Single Post
Old 11th December 2003 | 09:09
  #2 (permalink)  
Keef

Official PPRuNe Chaplain
 
Joined: Apr 2001
Posts: 3,498
Likes: 0
From: Witnesham, Suffolk
There's a variant of that scam that works with any browser - I've had three in the past two days and was curious enough to download them out of my spamcop filterbox to have a looksee.

They worked with both IE and Mozilla.
They display the correct" address for NatWest and for Lloyds TSB online banking. When the link is clicked on, they use a line of "delete" characters, then insert their own URL. Mozilla shows this happening, so it's quite clear summat's up.

They then "pass through" to the genuine Bank site, but feed a "dummy" page in the relevant place that asks for your full PIN and security password (rather than a few characters from each).

It appears to be "real time", because feeding the thing spurious info then brings up (after some delay) the Bank's "error message". I didn't try with my "real" details to see what woujld happen then...

I've reported both to the relevant Bank security departments, complete with the offending e-mail. One linked to a site in California, the other to an open relay in a University in Japan.
Keef is offline