Posted on 01/17/2005 10:43:37 AM PST by holymoly
A number of recent phishing sites blocked by the Netcraft Toolbar community have had a common technique of using JavaScript to create a narrow popup window, which is then placed on top of the Address bar. A fake URL is entered into the popup, using the same default font as the real address bar. The script continually checks the location of the browser window and moves the popup accordingly, ensuring that it is always placed on top of the Address bar, thus obscuring the real URL of the phishing site.
The image above illustrates a live phishing site in action. In this case, the content looks genuine, as the URL appears to belong to the PayPal web site, https://www.paypal.com/cgi-bin/webscr?cmd=_login-run, but the content is really being served from a phishing site at http://quith.info/paypal/index.html. The only clue that something is wrong is that the browser is not displaying the padlock in the bottom right hand corner, indicating that this is not really a secure web page. A bug in the script also causes the popup window to remain visible even when the browser is minimized.
However, the Toolbar reveals the true location of the web site, which is hosted in Poland. People using the toolbar are then able to report the site, and thereby block access to the page for other less alert people using the Toolbar.
Similar attacks against institutions including PayPal, eBay, TCF Bank, Regions, GarantiBank and LloydsTSB, have been reported and blocked by the Toolbar community in the last few days. In all cases, nearly-identical scripts have been used, suggesting either that the same fraudsters are responsible for all of the attacks, or perhaps simply that fraudsters are copying ideas from each other.
This can affect all versions of Internet Explorer on Windows XP although the popup window does not correctly obscure the real URL if Service Pack 2 is installed.
The Netcraft Toolbar is currently available for Internet Explorer, and automatically blocks access to known phishing sites whilst displaying the longevity, hosting location and country for each site you visit. The toolbar can be freely downloaded.
Using Mozilla "Firefox" currently. I rarely use IE anymore....and my browser is Win98. I tried XP, thought it was garbage and reloaded 98. Been happy as a clam ever since.
Thank goodness for firefox.
Thanks for fixing that. ;)
Using Firefox as well but as far as rating XP as an OS; Its far superior to windows 98. Why you would sit on an old 95 kernel rather than the NT architecture is beyond me.
To me, it would be like buying a 1994 Firebird instead of a 2005 Mustang. Just doesnt make sense. Plus, 98 is far less secure than XP so im not sure what you are gaining.
I have two swappable drives on my pc. I used to run windows ME (one of the worst things ever) all the time but needed XP pro for a few apps.
XP still doesn't work with my flash card reader and doesn't want to play nice on my network, no matter what I try. At the same time after years of using ME I have everything tweaked to where it's extremely reliable and pretty fast. Every time I swap in the XP drive it's more annoying than impressive.
The only thing MS has going for it is the availability of apps. If I could get all the applications I need to run on linux, I would be there in a heartbeat.
Why does anyone use ANY Windows garbage?
Using a Mac since 1985. Virus, pop-up, spyware, "phishware" free!
XP requires a lot more horespower for acceptable performance than does 98. Could be XP ran like a lazy dog on their PC
Well, in my case, because my R/C Flight Simulator software requires it. That's the only reason I ever boot MS anymore.
Mostly because I'm using a six-year old computer with a P2 processor. I had to swap out my harddrive a couple years back, and added some additional RAM to my motherboard. At the suggestion of my manufacturer, I installed XP on the new harddrive, but it turned out to be incompatible with the rest of my hardware. So, I overwrote the HD with zeros, did a FAT32 partition, and then formatted and installed Win98 again.
The only problems I had recently with my IE was that some popup blocker software my ISP provided kept crashing my browser, so I shut that software off, resumed using Yahoo popup blocker, and then installed Firefox. I rarely use IE anymore, and Firefox doesn't crash like IE does. In fact, since I installed Firefox, I have less spyware on my machine, haven't seen the Blue Screen of Death, and can actually go to WorldNet Daily without my screen freezing from all the popups. Like I said, happy as a clam.
Who's going to ping Bush 2000 to this thread?
I agree. Windows 98 is extremely insecure... not to mention poor memory management, BSOD, etc... XP Pro SP2 is the way to go. :) ( I am sure the open source people with have something to say as well)
-dubie, MCP, CSSA
I've got the same thing going on with a "ysearchus" hidden presence. I've been trying to discover how to get rid of them.
I don't have xp and am still using the original version of Windows 98. I have some problems with 98 and primarily when exiting WordPerfect. Frequently, after having exited WP, I lose control of the cursor. I've reloaded 98 and WP and still have the same problem.
You. I guess. :-)
That is a legitimate reason though I would recommend, if you are using just for browsing and word processing, to use a Linux distro. They are quite secure and can perform as well on a lower end machine than XP can on a high end machine.
XP doesn't natively load netbeui, did you load the IPX/SPX/netbios protocol on XP? You'll find it will see your 95/98/ME machines thereafter. As for flash card readers, most don't require a driver with XP so I'm sort of suprised. What brand is it?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.