Internet Explorer Cross Frame Scripting Bypass Bug
A bug in Internet Explorer brings more Phishing Scam woes...
iDefense.com publicly announced the bug yesterday, which will allow phishing scam artists to capture key strokes as users enter information into log in and form pages of genuine sites while using Internet Explorer browsers (v5.01, 5.5 and 6).
Framesets are commonly used in the design of web pages, they allow you to have more than one page displayed as if they were one page, above each other or beside each other such as the top banner being one, the side bar being another and the page content being another. Learn more here.
Microsoft have yet to issue a patch but the bug will only work if active scripting is enabled. We've set up a Cross Frame Scripting Bug Example, but have only coded the page to display the key strokes in the status bar (further scripting could allow fraudsters to receive the keystrokes by email).
Microsoft are so far placing emphasis on ensuring that internet users should verify the identity of the page they are visiting before interacting with it in any way. Normally, a visitor will see the true URL in the address bar. However...
PLEASE SEND US YOUR
EMAIL HOAX SCAMS
click here to
use our online
Avoid becoming a victim...
Be good, be careful and most of all ..... be aware.
Advice to web masters...
More on Phishing ...
MillerSmiles.co.uk. All Rights Reserved.
All other logos and trademarks in this site are property of their respective owners