TRUSTEER HAS IDENTIFIED A NEW PHISHING ATTACK METHOD

Updated: 01/17/2009 19:48
Reprints/Permissions  Hyip Monitor
A new phishing attack method that infiltrates secure website sessions was found by Trusteer. It is noted that it was designed to trick users

A new phishing attack method that infiltrates secure website sessions was found by Trusteer. It is noted that it was designed to trick users. This process looks the following way. Users were tricked into surrendering confidential information after they have logged on to an online banking, brokerage, or other sensitive web site. Moreover, this technique, dubbed In Session Phishing, may cause unpredictable results. It can be used to inject into all major browsers legitimate looking Pop Up messages that request passwords, account numbers, etc., on behalf of the trusted website.

The method determined as the next generation Phishing method is described in details in a free security advisory written by noted security researcher and Trusteer CTO Amit Klein. Also researcher covers the techniques that can be used to protect against it.

Basically it explains how a typical In Session Phishing attack would affect users. A user logs onto their online banking application to perform some tasks. Leaving this browser window open, the user then navigates to other websites. And here comes a new phishing attack methods. A short time later a popup appears allegedly from the banking website. And it asks the user retype their username and password because the session has expired, or complete a customer satisfaction survey, or participate in a promotion, etc. Since the user had recently logged onto the banking website, he/she will likely not suspect this popup is fraudulent and thus provide the requested details.

And this method is rather successful because more than two million legitimate websites are known to be compromised by criminals, and hundreds more are being compromised every day. Also it is very hard to identifying which website a user is currently logged onto.

EcommerceJournal


About the author

Eric Marriam is a young writer. Even though he is not experienced he is able to make really high quality work. Eric is able to identify a problem people have and break it down, able to appeal to emotion through emotive writing, can change style of writing to cater to different audience. Eric Marriam is able to work creatively and effectively with staff and managers and despite his young age, he proved to be a clear and effective writer and speaker, committed to maintaining quality and efficiency, seeking for professional growth and development.
You May Also Like