New Phishing Attack Targets Online Banking Sessions With Phony Popups


Recommended Posts

<h2 class="headline">New Phishing Attack Targets Online Banking Sessions With Phony Popups </h2>'In-session phishing' the latest Web-based method for phishers to steal users' banking credentials Jan 13, 2009 | 12:30 PM

By Kelly Jackson Higgins

DarkReading Researchers have discovered a sophisticated, new method of phishing that targets users while they are banking online -- sending phony popup messages pretending to be from their banks.

The so-called "in-session phishing" attack prompts the victim to retype his username and password for the banking site because the online banking session "has expired," for instance, via a popup that purports to be from the victim's bank site, according to researchers at Trusteer, which today published an advisory (PDF) on their findings about the potential for such a phishing attack.

Amit Klein, CTO of Trusteer, says although he and his research team have not spotted full-blown attacks like this in the wild as yet, they have witnessed precursors to it. The attack goes like this: The phisher injects legitimate Websites with malicious JavaScript so that when an online banking customer visits one of those sites while banking online, he gets targeted. The malware exploits weaknesses in the browser that lets the attacker "see" the banking site URL where the victim is logged in, and then the phisher automatically generates a popup posing as that bank. If the user falls for the popup lure and enters his banking credentials, the phisher then gets those credentials

details: http://www.darkreading.com/security/attack...cleID=212900161

Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...