Friday, June 24, 2005

Phishing With Javascript: Every Browser is Vulnerable

No fixes yet except for Opera. The Javascript "feature", available in Microsoft, Apple, and open source browsers, let's a hacker redirect a Java input field to the hacker's site. That would enable phishing attacks -- especially with domain name overrides.

I do not know whether this hack works with secure hypertext (SHTML).

All this is just another reminder to take a good look at the pages you enter your password or credit card number into.

No comments:

Post a Comment

All comments are moderated.

Note: Only a member of this blog may post a comment.