Friday, April 07, 2006

Another security hole found in IE

CNET "An unpatched vulnerability in Internet Explorer could aid fraudsters in pulling off phishing scams, experts have warned.
The error could be exploited to fake the address bar in a browser window, security monitoring company Secunia said in an advisory published on Tuesday. This tactic could be used in phishing scams that attempt to trick people into believing they are on a legitimate site, when in fact they are viewing a fraudulent Web page.
Phishing is a prevalent type of online scam that seeks to pilfer personal information from unsuspecting Internet users. The scams typically combine spam e-mail with fraudulent Web sites that appear to come from a trusted source, such as a credit card company or a bank.
The flaw exists because of an error in the way the Microsoft Web browser loads Web pages and Macromedia Flash animations, according to Secunia. The company rates the issue 'moderately critical' and has created a special Web page where users can test their Web browser to see if they are affected. "

No comments: