Posted by Barry Margolin on January 17, 2007, 8:17 pm
> http://www.rsasecurity.com/press_release.asp?doc_id=7667
>
> ...snip...
> How it works
>
> Using the Universal Man-in-the-Middle Phishing Kit, the fraudster creates a
> fraudulent URL via a simple and
> user-friendly online interface. This URL communicates with the legitimate
> website of the targeted organization in
> real-time - whether it is the online banking site of a financial institution,
> the order tunnel of an ecommerce company,
> or any other such business transacting with its users online. The victim
> receives a "standard" phishing email, and when
> clicking on the link s/he is directed to the fraudulent URL. The victim then
> interacts with genuine content from the
> legitimate website - which has been "imported" by the attack into the
> phishing URL - thus allowing the fraudster
> seamless, invisible and immediate access to the victim's personal
> information.
>
> ...snip...
> how does a URL communicate with anything?
They mean "the server accessed via the URL".
> and why wouldn't my browser complain about an invalid certificate for my
> bank's site?
You're not going to your bank's site, you're going to the phisher's site
because you clicked on the fraudulent URL he sent you. The phisher has
a valid certificate for his own site, of course, so there's nothing for
your browser to complain about (it has no way of knowing where you
*think* you're going).
--
Barry Margolin, barmar@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
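As an added illustration of Barry's point (example code written for this page, not from the post or from RSA): a browser checks only that the certificate covers the hostname in the URL it actually connected to. Whether that hostname is the bank the user had in mind is a separate question the browser cannot answer; only an expected-host allowlist kept on the defender's side (a bookmark, a password manager's saved origin) can. All hostnames below are constructed.

```python
from urllib.parse import urlsplit

# Constructed sample data (hypothetical names): the phishing host serves a
# certificate that is perfectly valid for itself, while the real bank is
# reachable only on the allowlisted hostnames.
PHISHER_CERT_SANS = ["login-secure-bank.example", "*.login-secure-bank.example"]
BANK_HOSTS = {"www.bank.example", "online.bank.example"}  # defender's allowlist


def san_matches(pattern: str, hostname: str) -> bool:
    """RFC 6125-style name check: exact match, or one leading wildcard label."""
    pattern, hostname = pattern.lower(), hostname.lower()
    if pattern == hostname:
        return True
    if pattern.startswith("*."):
        p_labels, h_labels = pattern.split("."), hostname.split(".")
        # The wildcard covers exactly one label and never a bare public suffix.
        return (
            len(p_labels) == len(h_labels)
            and len(p_labels) >= 3
            and p_labels[1:] == h_labels[1:]
        )
    return False


def browser_accepts(url: str, sans: list[str]) -> bool:
    """What the browser verifies: the certificate covers the host in the URL."""
    host = urlsplit(url).hostname or ""
    return any(san_matches(san, host) for san in sans)


def is_expected_host(url: str, allowlist: set[str]) -> bool:
    """What the browser cannot verify: that this host is the one the user meant."""
    host = (urlsplit(url).hostname or "").lower()
    return host in allowlist


if __name__ == "__main__":
    phish = "https://login-secure-bank.example/auth"
    print("cert valid for phishing URL:", browser_accepts(phish, PHISHER_CERT_SANS))
    print("phishing URL is the bank:", is_expected_host(phish, BANK_HOSTS))
```

The first call returns True and the second False: the TLS check passes exactly as Barry describes, and only the allowlist comparison exposes the mismatch.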