  FLea973 Premium join:2001-02-27 Morristown, NJ clubs:
| 1 way to spot it -
At least I saw a way to spot it on the demo site - hover over a link on the spoofed site and look at the status bar. It displays the full path of that link: "http://www.symantec.com @www.dslreports.com/front/symantec/www.symantec.com/gotcha.html"
Unfortunately what is displayed in the status bar can also be controlled through Java scripts - so yet another reason to disable java. |
|
  justin Australian join:1999-05-28 Brooklyn, NY
| That is true - the status bar (if enabled) will show the full link if you pause and look at it. However, the domain name (easy to spot www.dslreports.com) could easily be a number, or a plain IP.
Then, the beginning of the URL and the END of the URL both look ok... only the middle and @ symbol look odd (in the status bar).
The people targeted for fraud are not likely to be folks who know why the status bar is even there, let alone how to use it |
|
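As an added example (not part of any post in this thread), here is one way to surface the real destination of a link like the one quoted above, including the numeric-host case. The function names and the second and third sample URLs are constructed for illustration; the check relies only on the standard WHATWG `URL` parser.

```javascript
// Added example, not from the thread. Uses the standard WHATWG URL parser
// (global in Node.js and browsers) to show which host a link really goes to.

// True when a string is shaped like a DNS name, e.g. "www.symantec.com".
function looksLikeHostname(s) {
  return /^[a-z0-9-]+(\.[a-z0-9-]+)+$/i.test(s);
}

// After WHATWG parsing, numeric hosts are normalized to dotted IPv4 and
// IPv6 literals are bracketed, so two simple checks are enough here.
function isIpLiteral(host) {
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.startsWith('[');
}

function inspectLink(href) {
  let url;
  try {
    url = new URL(href);
  } catch (e) {
    return { href, realHost: null, decoy: null, findings: ['unparseable'] };
  }
  let user = url.username;
  try { user = decodeURIComponent(user); } catch (e) { /* keep raw form */ }
  user = user.trim();
  const findings = [];
  if (user || url.password) findings.push('userinfo-present');
  if (looksLikeHostname(user) && user.toLowerCase() !== url.hostname) {
    findings.push('userinfo-looks-like-host');
  }
  if (isIpLiteral(url.hostname)) findings.push('ip-literal-host');
  return { href, realHost: url.hostname, decoy: user || null, findings };
}

// First URL is the one quoted in the thread; the others are constructed.
const samples = [
  'http://www.symantec.com @www.dslreports.com/front/symantec/www.symantec.com/gotcha.html',
  'http://www.symantec.com@3232235777/update.html', // decimal form of 192.168.1.1
  'http://www.symantec.com/support@home.html',      // "@" in the path only
];
for (const s of samples) {
  const r = inspectLink(s);
  console.log(r.realHost, r.decoy, r.findings.join(',') || 'clean');
}
```

Everything before the `@` in the authority is userinfo, so the parser reports `www.dslreports.com` (or the IP address) as the host the browser actually contacts.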
  FLea973 Premium join:2001-02-27 Morristown, NJ clubs:
| said by justin : The people targeted for fraud are not likely to be folks who know why the status bar is even there, let alone how to use it
True - and a lot of those targeted people won't patch when/if it comes out - may not even know there is a patch, much less a flaw... |
|
  koam Pink Pecker Premium join:2000-08-16 East Puddle clubs:
| reply to justin
On the demo page, the status bar shows only www.symantec.com.
Status bar does not give it away for me. Looks like a real link to a legit site.
-- Danieli Consulting LLC, Strategy and Branding http://kendanieli.tripod.com |
|
  justin Australian join:1999-05-28 Brooklyn, NY
| said by koam : on the demo page, the status bar shows only www.symantec.com.
status bar does not give it away for me. looks like a real link to a legit site.
Yes, but that is nothing new (hiding the real destination of a link). It is easy to create a link with onMouseOver to set the status bar, and TITLE to set the tool tip. You can do that in Mozilla as well.
What is new is AFTER you click the link to go to the site, it STILL looks real.. that is the issue.
I think this latter point is being lost by many here. |
|
  koam Pink Pecker Premium join:2000-08-16 East Puddle clubs:
| Thanks for clarifying. I realized that the destination page looks real (address bar looks real) but I didn't know you could fake the mouseover copy on the status bar so easily all along. Thanks.
-- Danieli Consulting LLC, Strategy and Branding http://kendanieli.tripod.com |
|