Main Menu

Login



Support Virus.Org

Help support Virus.Org by donating.
Donating allows us to keep this site free and pay the running costs of all our services.
Phishers Exploit Banking Frames PDF Print E-mail
Written by Editor   
Thursday, 17 March 2005 15:55
It seems the phishers are trying some new tricks to dupe people out of their hard earned money. We have received some reports of some particularly crafty attacks being targeted at Charter One Bank customers. There have been two attempts to steal information from Charter One bank customers, the first was seen last week and was targeted against the Charter One Personal Online Banking site at www.totallyfreebanking.com. The second attack was targeted against users of the www.charterone.com web site.

In the case of the first attack, the phisher attempted to exploited a weakness in Charter One’s own site that allowed the displaying of an arbitrary URL within a frame on the site. The attack also used an SSL enabled site to house the fake page to ensure that no warnings where displayed. As a result, the fake page was shown within another page from the Charter One site, the page security padlock would give a false indication of the security of the page, as it would appear to most users that this is a legitimate Charter One page.

The second attack used an iframe trick to inject arbitrary content into a page at www.charterone.com, making it very difficult to tell that anything is afoot. Jeremy Wagstaff who is technology columnist with Dow Jones writes about the second phishing attack in his blog here.

Add this page to your favorite Social Bookmarking websites
Digg! Reddit! Del.icio.us! Google! Live! Facebook! Technorati! StumbleUpon! Yahoo!
Last Updated ( Thursday, 14 September 2006 23:16 )