Sunday, January 07, 2007

Phishing sites using Flash.

It has been reported by F-secure that there are some phishing sites that have started appearing on the net using Flash instead of HTML. This technique is now being used to work around the Anti-phishing tool bars and the built in Anti-phishing techniques in the browsers like Firefox 2, Internet Explorer 7 and Opera 9.1

Two of the sites that have been found to be using these techniques are www.ppal-form-ssl.com and www.welcome-ppl.com, both targeting Paypal users.

If you right click on the pages you will see the "Zoom in" "show all" "play" options in the menu instead of the normal options you see on an HTML page.

When you type in login information, the SWF file displays a new page, asking for your credit card information.

So now even if your Anti-phishing tool bars does not alert you when you land at a phishing site be careful to check the url and above all use your prudence before giving out informations.

0 comments:

Google