Browse > Home / Blog article: Plishing attack on banking website appears legitimate

Plishing attack on banking website appears legitimate

By Janine de Blois

January 16, 2008

Netcraft warns of new plishing attack that has taken place on an Italian banking website. Cross site scripting has made the attack very difficult to detect even with automated security filters.

Using an url which works on the JavaScipt function on the bank’s own Login page the url appear legitimate. The SSL certificate and secure page will appear normal; but the Iframe the attackers have inserted contains malicious code. The users’ personal data is transferred to Taiwan before redirecting the user to the banks actual page.

The site has been blocked in Netcraft’s anti-plishing toolbar as well as in Plishfeed.

Click here to discuss this: Security Forums

Filed Under IT Security, Malware 
Tagged:



Add to Bookmarks:

ADD TO DEL.ICIO.US     ADD TO DIGG     ADD TO FURL

ADD TO STUMBLEUPON     ADD TO YAHOO MYWEB     ADD TO GOOGLE     ADD TO SPURL


Related posts to "Plishing attack on banking website appears legitimate":



Comments

Got something to say?





Visited 530 times, 1 so far today