This spoofed US Bank Email presents us with a new form of URL spoofing - extreme
caution is recommended ...
Following on from the recent examples of Address (Location) Bar
Spoofing, we have now come across a new form of delivering forged content with
what appears to be a genuine URL in the browser address bar...
On this occasion, fraudsters have coded a page which simply
places a text object (with opaque white background) over the URL within the address
bar. This conceals the page's true location and is near unnoticeable (see images
below). We consider this to be much more dangerous than the previous instances
of Address Bar Spoofing since they fell short with colour matching of the browser
frame, whereas this URL Spoofing only covers the text component of the URL in
the address bar.
If you have disabled active scripting, this
cover up will fail, and you will see the true URL - http://www.security-update.info/
- which resolves to web space provided by Server Beach in Texas USA.
If you have received this email, please remember that it is very
common for these email scams to be redistributed at a later date with only slightly
different content or the same but with the fake page(s) hosted by a different
provider. Also, once you have received one of these hoaxes, it is also common
place to receive at least another one and usually a day or two after the first,
although not necessarily from the same apparent sender.
The Spoof Email ...
bogus web page ...