Phishing with Images Containing Hidden Code

By | April 7, 2009


H-Online writes:

“Arbor Networks, which specialises in combating distributed denial of service (DDoS) attacks, reports on it’s blog that a named web site is actively exploiting Internet Explorer’s MIME-sniffing problem to create phishing attacks. The perpetrators send email containing a supposedly harmless link that seemingly leads to a JPEG image, but the photo contains hidden HTML and JavaScript code that displays a fake eBay login page. While Firefox and Safari return an error message when loading the image, Internet Explorer executes the code.”

Continue reading at h online

Thanks to mabdul for a link.


About (Author Profile)


Vygantas is a former web designer whose projects are used by companies such as AMD, NVIDIA and departed Westood Studios. Being passionate about software, Vygantas began his journalism career back in 2007 when he founded FavBrowser.com. Having said that, he is also an adrenaline junkie who enjoys good books, fitness activities and Forex trading.

Comments (2)

Trackback URL | Comments RSS Feed

  1. TTT says:
    April 7, 2009 at 5:28 am

    So people still just enter their password whenever they see anything resembling a login page?

  2. Mancho says:
    April 7, 2009 at 1:41 pm

    @TTT
    Yes. Yes, they do. And when their password doesn’t work. They’ll try every other password they know.

«
»