Also known as MIME Sniffing, this is a feature or bug in IE which is the only browser able to dynamically determine the content type of the document it loads. So, in this case, it detects a plain text document with HTML content instead of a an JPG header.
And the content of the “JPG” file which is text/html:
The URL was reported to Phishtank and CleanMX.
The users of Avira Professional and Avira Premium Security Suite are protected if they use the latest Webguard signatures.
I know you subscribed manually on this site, but we need now to check that you are happy to continuing receiving emails from it. From the 25th of May 2018, the new Data Protection Law will apply (GDPR). To comply with this, I need to check that I have your permission to use your name(optional) […]
The Free Mac Security gets the Update 3 bringing performance improvements together with some stability improvements and additional features. The update comes automatically via the standard product update and it doesn’t require a reboot. Performance improvements We know that the product had some performance issues when the Time Machine or another backup program […]
Google Chrome 4 – now with Extensions
Comments are closed.
The source:
http://asert.arbornetworks.com/2009/03/mime-sniffing-and-phishing/
Here in English:
http://www.h-online.com/security/Phishing-with-images-containing-hidden-code–/news/112945
Here in German:
http://www.heise.de/security/Phishing-mit-Code-in-Bildern–/news/meldung/135321
And the details with tests here:
http://www.heise.de/security/Risiko-durch-MIME-Sniffing-im-Internet-Explorer–/artikel/122187