[Dshield] Microsoft Security Advisory Notification (902333)
areust at comcast.net
Wed Jun 22 04:15:19 GMT 2005
What makes this notable is that I have received several trapped Credit Union
"Phishing" attempts. I apologize that I cannot provide more details
(examples), other than they are aimed primarily at Federal, State employees
and their Credit Unions (including EDU's). This also could provide
information to target account and personal information of those specific
users. The larger threat includes that "users" would tend to use the same
password wherever they can. The examination of several attempts shows that
multiple windows were launched to mask what the user would see. The
attempts were trapped by the email gateway and examined; some of the first
few attempts "do not" always follow proper mail rules.
Yes, this advisory is long overdue, and is browser independent.
Browser Windows Without Indications of Their Origins may be Used in
Published: June 21, 2005
Microsoft has investigated a public report of a phishing method that
affects Web browsers in general, including Internet Explorer.
The report describes the scenario of multiple, overlapping browser windows,
some of which contain no indications of their origin. An attacker could
arrange windows in such a way as to trick users into thinking that an
unidentified dialog or pop-up window is trustworthy when it is in fact
fraudulent. When a user visits a malicious Web site the user may be
redirected to a trusted Web site. The attacker could then display an
overlapping window in the form of a dialog box attempting a phishing
attack. The user is then prompted to input personal information into this
dialog box, which was opened from the malicious Web site. The user might
believe that this dialog box was opened by the trusted Web site and they
might input personal information. However, this information is sent to the
malicious Web site.
This affects "most" web browsers.