New entry in the TSC: Script in the middle

Thanks to Virus Bulletin, we have now a new entry in The Spammers’ Compendium:

Script in the middle
UO!Script in the Middle!JavaScript

14 October 2010
Description

The email has an HTML document attached to it that contanis a for. Clicking submit will POST the user’s data to a website controlled by the crooks, which automatically and invisible redirects to a legitimate website. See also The Responsibility Transfer.

Example

The original article with all the juicy details can be found in Avira Techblog: http://techblog.avira.com/2010/09/08/phishing-getting-verified/en/


© Copyright 2010 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on Cybersecurity


Check www.endpoint-cybersecurity.com for seeing the consulting services we offer.

Visit www.itsecuritynews.info for latest security news in English
Besuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch

Related Posts

Security release 4.2.4 for WordPress is available – update now

This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site. Read more here: https://wordpress.org/news/2015/08/wordpress-4-2-4-security-and-maintenance-release/ WordPress 4.2.4 also fixes four bugs. For more information, see the release notes or consult the list of changes.   If you have your site already at WordPress 4.x and it is properly configured, […]

“Internet Service Providers have a pessimistic view of the future” ?!?

I read this article from Heise ( http://www.h-online.com/security/news/item/Internet-Service-Providers-have-a-pessimistic-view-of-the-future-917562.html) and I couldn’t stop asking myself : WHY ?! I mean where is the problem in building a better protection from inside ? Why Inside ? Because most of the attacks come from inside their network or from the networks from their own partners. So, guys, sit […]

2007 Desktop Linux Market survey

Source: http://www.desktoplinux.com/cgi-bin/survey/survey.cgi?view=archive&id=0813200712407 Distributions: Desktop environments Running Windows applications on Linux Email clients Browsers &copy Copyright 2007 Sorin Mustaca, All rights Reserved. Written For: Sorin Mustaca on CybersecurityCheck www.endpoint-cybersecurity.com for seeing the consulting services we offer.Visit www.itsecuritynews.info for latest security news in EnglishBesuchen Sie de.itsecuritynews.info für IT Sicherheits News auf Deutsch