Feb 09 2005

Phishing with Firefox & IE

Published by at 12:25 pm under Technology

This is an old article and the information contained within it may be out of date, not reflect my current views and/or contain broken links. If you feel this article is still valid and requires updating, you can use the contact form to let me know. However, I make no guarantee that it will get updated.

The latest news in the world of Phishing is the IDN (International Domain Names) atack as demonstrated by Shmoo.

Firefox announced that they had fixed the bug within 12 hours, or atleast allowed you to turn off the feature that allowed the attack.

Microsoft, however, was quick to announce that IE was never vulnerable in the first place. A little light reading on the Microsoft knowledge base shows that the reason for this is that they never supported IDN in the first place.

Damien Guard (the guy I work with) has installed one of the available plugins for IE that allows for IDN and has demonstrated that with the plugin IE is vulnerable to attack.

No responses yet