Free Republic
Browse · Search
Bloggers & Personal
Topics · Post Article

Skip to comments.

Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites
Wordfence ^ | April 14, 2017 | Mark Maunder

Posted on 04/18/2017 12:13:20 PM PDT by Tolerance Sucks Rocks

This is a Wordfence public service security announcement for all users of Chrome and Firefox web browsers:

There is a phishing attack that is receiving much attention today in the security community.

As a reminder: A phishing attack is when an attacker sends you an email that contains a link to a malicious website. You click on the link because it appears to be trusted. Merely visiting the website may infect your computer or you may be tricked into signing into the malicious site with credentials from a site you trust. The attacker then has access to your username, password and any other sensitive information they can trick you into providing.

This variant of a phishing attack uses unicode to register domains that look identical to real domains. These fake domains can be used in phishing attacks to fool users into signing into a fake website, thereby handing over their login credentials to an attacker.

This affects the current version of Chrome browser, which is version 57.0.2987 and the current version of Firefox, which is version 52.0.2. This does not affect Internet Explorer or Safari browsers.

We created our own example to demonstrate how an attacker can register their own domain that looks identical to another company’s domain in the browser. We decided to imitate a healthcare site called ‘epic.com’ by registering our own fake site. You can visit our demo site here in Chrome or Firefox. For comparison you can click here to visit the real epic.com.

Here is what the real epic.com looks like in Chrome:

(Excerpt) Read more at wordfence.com ...


TOPICS: Chit/Chat; Computers/Internet; Conspiracy; Miscellaneous
KEYWORDS: chrome; firefox; palemoon; phishing; windowspinglist
Navigation: use the links below to view more comments.
first 1-2021-4041-45 next last
Excerpted due to images following the excerpted text.
1 posted on 04/18/2017 12:13:20 PM PDT by Tolerance Sucks Rocks
[ Post Reply | Private Reply | View Replies]

To: humblegunner

No, it’s not my blog.


2 posted on 04/18/2017 12:13:37 PM PDT by Tolerance Sucks Rocks (April 2006 Message from Dan: http://www.dansimmons.com/news/message/2006_04.htm)
[ Post Reply | Private Reply | To 1 | View Replies]

To: 3D-JOY; abner; Abundy; AGreatPer; Albion Wilde; AliVeritas; alisasny; ALlRightAllTheTime; ...

You can implement the Firefox fix on the Pale Moon browser also. I’ve already done it on both Firefox and Pale Moon.

Combined General and Maryland “Freak State” PING! with a DANG! thrown in as well.


3 posted on 04/18/2017 12:15:27 PM PDT by Tolerance Sucks Rocks (April 2006 Message from Dan: http://www.dansimmons.com/news/message/2006_04.htm)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Tolerance Sucks Rocks

So how does one go about doing the Firefox fix?


4 posted on 04/18/2017 12:17:15 PM PDT by 21twelve (http://www.freerepublic.com/focus/f-news/2185147/posts FDR's New Deal = obama)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Tolerance Sucks Rocks

I use Firefox. Please tell a techno-clueless old lady how to fix Firefox for this issue. Thanks.


5 posted on 04/18/2017 12:20:14 PM PDT by Bigg Red (Vacate the chair! Ryan must go.)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Tolerance Sucks Rocks
No, it’s not my blog.

Good. I hate to see folks descend into that blog depravity.

6 posted on 04/18/2017 12:22:05 PM PDT by humblegunner
[ Post Reply | Private Reply | To 2 | View Replies]

To: 21twelve

the instructions are laid out in the original article.


7 posted on 04/18/2017 12:22:27 PM PDT by Tolerance Sucks Rocks (April 2006 Message from Dan: http://www.dansimmons.com/news/message/2006_04.htm)
[ Post Reply | Private Reply | To 4 | View Replies]

To: Bigg Red

See the original article. The instructions are there, and they are fairly easy to follow.


8 posted on 04/18/2017 12:23:14 PM PDT by Tolerance Sucks Rocks (April 2006 Message from Dan: http://www.dansimmons.com/news/message/2006_04.htm)
[ Post Reply | Private Reply | To 5 | View Replies]

To: Tolerance Sucks Rocks

Often, when I go to Lucienne Goldberg’s website, a new window pops up saying critical Chrome update needed. Obviously a scam, but I haven’t figured out how to stop it.


9 posted on 04/18/2017 12:24:36 PM PDT by Oldhunk
[ Post Reply | Private Reply | To 1 | View Replies]

To: Bigg Red

Its really easy. The linked Wordpress article tells you in detail what the problem is & the steps to fix it, 60 second fix.


10 posted on 04/18/2017 12:29:54 PM PDT by JayGalt
[ Post Reply | Private Reply | To 5 | View Replies]

To: Oldhunk

I have an Samsung “S7 Edge” running Android v7 (Nutmeg).

When I go to “Gateway Pundit”, there are multiple pop up tabs warning of malware and all kinds of crap. It takes forever for the site to load...if it ever does.

No problem on my laptop running Chrome/Win10


11 posted on 04/18/2017 12:32:05 PM PDT by newfreep ("If Lyin' Ted was an American citizen, he would be a traitor.")
[ Post Reply | Private Reply | To 9 | View Replies]

To: Oldhunk

You could always try an Adblock add-on.


12 posted on 04/18/2017 12:32:38 PM PDT by Tolerance Sucks Rocks (April 2006 Message from Dan: http://www.dansimmons.com/news/message/2006_04.htm)
[ Post Reply | Private Reply | To 9 | View Replies]

To: Tolerance Sucks Rocks

I would hope that the only people who are foolish enough to click a link work for the DNC, but that said, this is something that needs to be addressed immediately.


13 posted on 04/18/2017 12:33:24 PM PDT by kingu (Everything starts with slashing the size and scope of the federal government.)
[ Post Reply | Private Reply | To 1 | View Replies]

To: Tolerance Sucks Rocks

Thanks for posting. Useful tip!


14 posted on 04/18/2017 12:36:53 PM PDT by Slings and Arrows (My music: http://hopalongginsberg.com/ | Facebook: Hopalong Ginsberg)
[ Post Reply | Private Reply | To 3 | View Replies]

To: Tolerance Sucks Rocks

Thanks. FF just issued an update which I downloaded right away.


15 posted on 04/18/2017 12:45:40 PM PDT by hsmomx3
[ Post Reply | Private Reply | To 1 | View Replies]

To: JayGalt

Thank you. I admit that I was afraid to click on the link.


16 posted on 04/18/2017 12:52:59 PM PDT by Bigg Red (Vacate the chair! Ryan must go.)
[ Post Reply | Private Reply | To 10 | View Replies]

To: Tolerance Sucks Rocks

OK. Thanks, FRiend.


17 posted on 04/18/2017 12:53:27 PM PDT by Bigg Red (Vacate the chair! Ryan must go.)
[ Post Reply | Private Reply | To 8 | View Replies]

To: hsmomx3

Make sure that update actually fixed the problem.


18 posted on 04/18/2017 12:53:39 PM PDT by Tolerance Sucks Rocks (April 2006 Message from Dan: http://www.dansimmons.com/news/message/2006_04.htm)
[ Post Reply | Private Reply | To 15 | View Replies]

To: Tolerance Sucks Rocks

Tried it on my Linux computer, doesn’t apply. no network.idn Preference Name.


19 posted on 04/18/2017 1:04:03 PM PDT by bicyclerepair (MAGA - DRAIN THE SWAMP ! - I love my online family of FReepers.)
[ Post Reply | Private Reply | To 18 | View Replies]

To: Tolerance Sucks Rocks

I know I sound really dumb when I ask this:

When I go to the Firefox location bar I get FR (my home page). Is this the Firefox location bar? If not, where is it? I don’t know where to type about:config, etc.


20 posted on 04/18/2017 1:25:45 PM PDT by rightazrain ("Suppose you were an idiot...suppose you were a member of Congress. But I repeat myself" -Mark Twain)
[ Post Reply | Private Reply | To 7 | View Replies]


Navigation: use the links below to view more comments.
first 1-2021-4041-45 next last

Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.

Free Republic
Browse · Search
Bloggers & Personal
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson