Moderators hazelnut Posted May 25, 2010 Moderators Share Posted May 25, 2010 New type of phishing attack, a lot more creepy, uses your browser tabs. http://krebsonsecurity.com/ Support contact https://support.piriform.com/hc/en-us/requests/new?ticket_form_id=86507 support@ccleaner.com Link to comment Share on other sites More sharing options...
Moderators DennisD Posted May 25, 2010 Moderators Share Posted May 25, 2010 That's sneaky. It's worth trying the Raskin's "proof-of-concept" link in a new tab. Move away from that tab, and it changes to a GMail log-in page. It doesn't look quite right, so would probably only fool the unwary or less knowledgeable, but that was probably all of us at one time. Nice find hazel. Link to comment Share on other sites More sharing options...
JDPower Posted May 26, 2010 Share Posted May 26, 2010 I'm quite pleased, it doesn't succeed on my Firefox thanks to installed extensions. The first proof of concept does manage to change the tab title and favicon but no page content loads, it's blocked by Request Policy. The second proof of concept that is supposed to get past NoScript protection (which I don't use) doesn't work at all, I discovered this is thanks to CookieSafe Lite. Simply not having cookies allowed for the site stops it working. And if I try again but with CookieSafe disabled, once again no page content loads as it's blocked by Request Policy. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now