New entry in the TSC: Script in the middle

Thanks to Virus Bulletin, we have now a new entry in The Spammers’ Compendium:

Script in the middle
UO!Script in the Middle!JavaScript

14 October 2010
Description

The email has an HTML document attached to it that contanis a for. Clicking submit will POST the user’s data to a website controlled by the crooks, which automatically and invisible redirects to a legitimate website. See also The Responsibility Transfer.

Example

The original article with all the juicy details can be found in Avira Techblog: http://techblog.avira.com/2010/09/08/phishing-getting-verified/en/


© Copyright 2010 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch

Related Posts

Truecrypt shutdown – 5 questions that must be asked

If you visit www.truecrypt.org you see this text below. If you install the software, you see it quite a couple of times. The domain www.truecrypt.org  is only redirecting now to www.truecrypt.sourceforge.net. There are many articles written on this topic, especially on “WHY?”. WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues This page exists […]