Phishing Without A Net
Thursday, January 15, 2009
A new method of phishing may be your next battle. Researchers report that scammers can now phish you--pretend to be your bank--while you're logged into your bank's legitimate web site.
Until now, phishing was done by emails that try to trick you into clicking links to phony sites. This new variant is sophisticated and almost invisible, because it doesn't come through email but on the web, and only after you have successfully logged into your bank's actual site. Then malicious code takes over and sends a realistic-looking popup window asking for your credentials. The complexity of this attack makes it difficult to avoid, and switching from Internet Explorer to another browser like Firefox won't help.
This attack isn't widespread (yet), but you can expect more near-invisible scams like this in the future. Be sure to keep your computer updated, and don't forget to subscribe to Tech Tips for the latest computer news.
Posted byTriona Guidry at 4:33 AM