

FLea973
Premium
join:2001-02-27
Morristown, NJ

1 way to spot it -

At least I saw a way to spot it on the demo site - hover over a link on the spoofed site and look at the status bar. It displays the full path of that link:
"http://www.symantec.com @www.dslreports.com/front/symantec/www.symantec.com/gotcha.html"

Unfortunately what is displayed in the status bar can also be controlled through Java scripts - so yet another reason to disable java.


justin
Australian
join:1999-05-28
New York, NY
kudos:7

That is true - the status bar (if enabled) will show the full link if you pause and look at it. However, the domain name (easy to spot www.dslreports.com) could easily be a number, or a plain IP.

Then, the beginning of the URL and the END of the URL both look ok... only the middle and @ symbol look odd (in the status bar).

The people targeted for fraud are not likely to be folks who know why the status bar is even there, let alone how to use it
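Added example, not part of any post in this thread: a small JavaScript check that reports the host a link really goes to when the text before the `@` is made to look like a trusted domain, as in the demo URL quoted above. The function name `inspectLink`, the finding strings and the second sample link are assumptions made for illustration.

```javascript
// Added example: report the host a link really goes to when the part before
// '@' (userinfo) is dressed up as a trusted domain. Names here are illustrative.
const HOSTLIKE = /^(?:[a-z0-9-]+\.)+[a-z]{2,}$/i; // text that reads like a domain
const PADDING = /%(?:[01][0-9a-f]|20|7f)/gi;      // encoded control bytes / spaces
const IPV4 = /^\d{1,3}(?:\.\d{1,3}){3}$/;

function inspectLink(href) {
  let url;
  try {
    url = new URL(href);
  } catch (err) {
    return { realHost: null, decoy: null, findings: ["unparseable URL"] };
  }
  const findings = [];
  let decoy = null;
  if (url.username || url.password) {
    findings.push("userinfo before '@'");
    // Drop encoded padding so "www.symantec.com%20" compares as a plain name.
    const visible = url.username.replace(PADDING, "");
    if (HOSTLIKE.test(visible)) {
      decoy = visible.toLowerCase();
      findings.push("userinfo imitates a hostname");
      // The end of the URL can repeat the trusted name to look right as well.
      if (url.pathname.toLowerCase().includes(decoy)) {
        findings.push("decoy name repeated in path");
      }
    }
  }
  // The URL parser normalises a bare decimal host into dotted-quad form.
  if (IPV4.test(url.hostname) || url.hostname.startsWith("[")) {
    findings.push("host is a numeric address");
  }
  return { realHost: url.hostname, decoy, findings };
}

const samples = [
  // The demo link as quoted in the thread.
  "http://www.symantec.com @www.dslreports.com/front/symantec/www.symantec.com/gotcha.html",
  // Constructed sample: 192.0.2.10 (documentation range) written as one number.
  "http://www.symantec.com@3221225994/login",
  "http://www.symantec.com/",
];
for (const s of samples) console.log(JSON.stringify(inspectLink(s)));
```

The same function can be run over every `href` in a message or page, so the real destination is compared against the name the reader sees instead of relying on the status bar.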



FLea973
Premium
join:2001-02-27
Morristown, NJ

said by justin:
The people targeted for fraud are not likely to be folks who know why the status bar is even there, let alone how to use it

True - and a lot of those targeted people won't patch when/if it comes out - may not even know there is a patch much less a flaw...


koam
Pink Pecker
Premium
join:2000-08-16
East Puddle

reply to justin
on the demo page, the status bar shows only www.symantec.com.

status bar does not give it away for me. looks like a real link to a legit site.
--
Danieli Consulting LLC, Strategy and Branding http://kendanieli.tripod.com



justin
Australian
join:1999-05-28
New York, NY
kudos:7

said by koam:
on the demo page, the status bar shows only www.symantec.com.

status bar does not give it away for me. looks like a real link to a legit site.

Yes, but that is nothing new (hiding the real destination of a link). It is easy to create a link with onMouseOver to set the status bar, and TITLE to set the tool tip. You can do that in mozilla as well.

What is new is AFTER you click the link to go to the site, it STILL looks real.. that is the issue.

I think this latter point is being lost by many here.


koam
Pink Pecker
Premium
join:2000-08-16
East Puddle

thanks for clarifying. i realized that the destination page looks real (address bar looks real) but i didn't know you could fake the mouseover copy on status bar so easily all along. thanks.
--
Danieli Consulting LLC, Strategy and Branding http://kendanieli.tripod.com

