The Internet
A New Phishing Attack
We were intrigued by the demo of what has been dubbed ‘tabnabbing’, a new type of phishing attack discovered by Aza Raskin of Mozilla. Unlike the more conventional phishing attacks, which generally lure victims directly to the malicious phishing page through emails and links, this attack loads a malicious phishing page in the background while the user is browsing another tab. For example, a user could be enticed to visit what appears to be a normal web page, not a phishing page. When the user’s browser is interrogated, a phishing page for a service the user has actually visited could be opened in that tab. Because this happens in the background, the user may not notice at all and might unwittingly enter their details into the malicious page. How this works is probably best explained by the proof of concept page provided by Raskin, which is currently no longer publicly available. Another demonstration page, created by Aviv Raff and based on a mockup of the Brian Krebs blog article on tabnabbing, is also available (see links below).
The issue appears to affect all major browsers, though results vary between browsers and operating systems. The remediation for this issue would be to disable JavaScript in the browser completely. The Raff demo is notable in that it works against Firefox even with the popular NoScript add-on installed. We do suggest readers familiarize themselves with this issue.
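The behaviour described above (a page that only takes on the look of another service once its tab is no longer in front of the user) is something a defender can look for from the browser side. The following is an added example, not code from this post or from the Raskin or Raff demos: it replays a log of page events of the kind a browser extension could record from `visibilitychange` and a MutationObserver on `<title>` and `<link rel="icon">`, and reports a page that rewrites its title and favicon only while its tab is hidden. The event format, the page URLs and both event logs are constructed for the example so it runs offline.

```python
"""Replay a log of page events and flag tabnabbing-style rewrites.

Added example, not code from the original post or from the tabnabbing demos
it links to. The heuristic: a page that rewrites its identity (title and/or
favicon) only after its tab is hidden, especially to a favicon served from
another host, behaves like a tabnabbing page.
"""
from dataclasses import dataclass
from typing import List, Optional
from urllib.parse import urlparse


@dataclass(frozen=True)
class PageEvent:
    ts: float    # seconds since page load (constructed event format)
    kind: str    # "visibility", "title" or "favicon"
    value: str   # "hidden"/"visible", the new title, or the new favicon URL


@dataclass(frozen=True)
class Finding:
    ts: float
    severity: str   # "high" or "medium"
    reason: str


def _host(url: str) -> str:
    return (urlparse(url).hostname or "").lower()


def detect_tabnabbing(page_url: str, events: List[PageEvent],
                      min_hidden_secs: float = 1.0) -> List[Finding]:
    """Return one Finding per hidden period in which the page rewrote itself.

    Changes made while the tab is visible, or within `min_hidden_secs` of it
    being hidden (a page still finishing its own load), are ignored. A
    title-only change is also ignored, because webmail and chat tabs update
    their title with unread counts while hidden.
    """
    page_host = _host(page_url)
    findings: List[Finding] = []
    hidden_since: Optional[float] = None
    title_ts: Optional[float] = None      # first title change in this hidden period
    icon_ts: Optional[float] = None       # first favicon change in this hidden period
    foreign_icon_host: Optional[str] = None

    def close_hidden_period() -> None:
        nonlocal title_ts, icon_ts, foreign_icon_host
        stamps = [t for t in (title_ts, icon_ts) if t is not None]
        if stamps:
            first = min(stamps)
            if foreign_icon_host:
                findings.append(Finding(first, "high",
                    f"favicon switched to third-party host {foreign_icon_host} while tab hidden"))
            elif title_ts is not None and icon_ts is not None:
                findings.append(Finding(first, "medium",
                    "title and favicon both rewritten while tab hidden"))
        title_ts = icon_ts = None
        foreign_icon_host = None

    for ev in sorted(events, key=lambda e: e.ts):
        if ev.kind == "visibility":
            if ev.value == "hidden":
                hidden_since = ev.ts
            else:
                close_hidden_period()
                hidden_since = None
            continue
        if hidden_since is None or ev.ts - hidden_since < min_hidden_secs:
            continue
        if ev.kind == "title":
            if title_ts is None:
                title_ts = ev.ts
        elif ev.kind == "favicon":
            if icon_ts is None:
                icon_ts = ev.ts
            h = _host(ev.value)
            if h and h != page_host:
                foreign_icon_host = h
    close_hidden_period()   # the log may end while the tab is still hidden
    return findings


# Constructed log: an ordinary-looking article page that, once hidden, takes on
# the title and icon of a webmail sign-in page served from another host.
PAGE_URL = "https://news.example/story"
PHISH_LOG = [
    PageEvent(0.0, "visibility", "visible"),
    PageEvent(12.0, "visibility", "hidden"),
    PageEvent(19.5, "title", "Sign in - Webmail"),
    PageEvent(19.6, "favicon", "https://static.attacker.example/webmail.ico"),
    PageEvent(65.0, "visibility", "visible"),
]

# Constructed log: a real webmail tab updating its unread badge while hidden.
MAIL_URL = "https://mail.example/inbox"
MAIL_LOG = [
    PageEvent(0.0, "visibility", "visible"),
    PageEvent(5.0, "visibility", "hidden"),
    PageEvent(30.0, "title", "(2) Inbox - mail.example"),
    PageEvent(31.0, "favicon", "https://mail.example/icon-unread.ico"),
    PageEvent(40.0, "visibility", "visible"),
]

if __name__ == "__main__":
    for url, log in ((PAGE_URL, PHISH_LOG), (MAIL_URL, MAIL_LOG)):
        for f in detect_tabnabbing(url, log):
            print(f"{url}: [{f.severity}] t={f.ts}s {f.reason}")
```

The second log shows the limit of the heuristic: a webmail tab that changes both its title and its (same-origin) favicon while hidden is reported at medium severity, so the output is a signal to review, not proof of an attack; the third-party favicon is the stronger indicator because it is what lets a tab impersonate a service it does not belong to.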
http://krebsonsecurity.com/2010/05/devious-new-phishing-tactic-targets-tabs/
http://avivraff.com/research/phish/article.php?406707075
Wardriving and Open Wireless Networks
Stories about the number of unprotected wireless networks used to be commonplace, but it has been some years now since WPA and then WPA2 became prevalent. WPA2 is relatively easy to set up and provides a good level of encryption and authentication. So, we were somewhat surprised to read the results of a wardriving exercise conducted by the state police in various regional centers across Queensland, Australia. The results have led the police to estimate that some fifty percent of the wireless internet connections in Queensland have no or minimal security settings enabled, have no password, or still have the default password on their wireless device. Perhaps more disturbing is a comment from Detective Superintendent Brian Hay of the Queensland state police: “We know that the crooks are out there, scanning the environment and identifying these vulnerable networks, plotting them and then selling the information.”
Open wireless systems present many dangers, and while we consider that the results of the wardriving exercise reflect largely on domestic wireless systems, these same systems may well be used by corporate employees when working from home. While we would expect most remote access systems to be encrypted or to use a VPN, corporate resources or information might still be exposed. We suggest that, at the business level, staff are made aware of the dangers of using open wireless systems, and we urge everyone who has a wireless access point in their home or business to verify that it is configured to operate securely.
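The survey result above is the kind of figure an administrator can reproduce for their own premises: scan, classify each access point by the protection it advertises, and count the share that is open or WEP-only. The following is an added example, not code from this post or the Queensland exercise. It parses a constructed, abbreviated imitation of `iwlist <interface> scan` output (only the `Cell`/`Address`, `ESSID`, `Encryption key` and WPA/WPA2 `IE` lines are read), grades each network as open, WEP, WPA or WPA2, and also flags SSIDs still at a vendor default as a hint that the device may be at default settings. The scan text, the MAC addresses and the default-SSID list are constructed for the example.

```python
"""Grade access points from an iwlist-style scan and count the insecure share.

Added example, not from the original post. SCAN_OUTPUT is a constructed,
abbreviated imitation of `iwlist <iface> scan` output; real output carries
many more lines per cell, which this parser simply ignores.
"""
import re
from dataclasses import dataclass
from typing import Dict, List

SCAN_OUTPUT = """\
          Cell 01 - Address: 00:11:22:33:44:01
                    ESSID:"NETGEAR"
                    Encryption key:off
          Cell 02 - Address: 00:11:22:33:44:02
                    ESSID:"linksys"
                    Encryption key:on
          Cell 03 - Address: 00:11:22:33:44:03
                    ESSID:"HomeOffice"
                    Encryption key:on
                    IE: IEEE 802.11i/WPA2 Version 1
          Cell 04 - Address: 00:11:22:33:44:04
                    ESSID:"CoffeeShop-Free"
                    Encryption key:off
          Cell 05 - Address: 00:11:22:33:44:05
                    ESSID:"dlink"
                    Encryption key:on
                    IE: WPA Version 1
          Cell 06 - Address: 00:11:22:33:44:06
                    ESSID:"Smiths"
                    Encryption key:on
                    IE: IEEE 802.11i/WPA2 Version 1
"""

# Constructed heuristic list of SSID prefixes that routers ship with; an SSID
# still at the default is a hint (not proof) that the password may be too.
DEFAULT_SSID_PREFIXES = ("netgear", "linksys", "dlink", "default")

_CELL_RE = re.compile(r"Cell \d+ - Address: ([0-9A-Fa-f:]{17})")


@dataclass
class AccessPoint:
    bssid: str
    ssid: str = ""
    encryption_on: bool = False
    wpa: bool = False
    wpa2: bool = False

    @property
    def security(self) -> str:
        """open < wep < wpa < wpa2, by the strongest protection advertised."""
        if not self.encryption_on:
            return "open"
        if self.wpa2:
            return "wpa2"
        if self.wpa:
            return "wpa"
        return "wep"   # key on but no WPA/WPA2 information element: WEP

    @property
    def default_ssid(self) -> bool:
        return self.ssid.lower().startswith(DEFAULT_SSID_PREFIXES)


def parse_iwlist(text: str) -> List[AccessPoint]:
    """Parse the cells of an iwlist-style scan into AccessPoint records."""
    aps: List[AccessPoint] = []
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        m = _CELL_RE.match(line)
        if m:
            current = AccessPoint(bssid=m.group(1).lower())
            aps.append(current)
            continue
        if current is None:
            continue
        if line.startswith("ESSID:"):
            current.ssid = line.split(":", 1)[1].strip().strip('"')
        elif line.startswith("Encryption key:"):
            current.encryption_on = line.split(":", 1)[1].strip() == "on"
        elif line.startswith("IE:"):
            if "WPA2" in line or "802.11i" in line:
                current.wpa2 = True
            elif "WPA" in line:
                current.wpa = True
    return aps


def audit(aps: List[AccessPoint]) -> Dict[str, object]:
    """Summarise a scan: counts per tier, the open/WEP share, and default SSIDs."""
    by_security: Dict[str, int] = {"open": 0, "wep": 0, "wpa": 0, "wpa2": 0}
    for ap in aps:
        by_security[ap.security] += 1
    insecure = by_security["open"] + by_security["wep"]
    return {
        "by_security": by_security,
        "insecure_fraction": insecure / len(aps) if aps else 0.0,
        "default_ssid": [ap.bssid for ap in aps if ap.default_ssid],
        "needs_attention": [ap.bssid for ap in aps
                            if ap.security in ("open", "wep") or ap.default_ssid],
    }


if __name__ == "__main__":
    aps = parse_iwlist(SCAN_OUTPUT)
    for ap in aps:
        flag = " (default SSID)" if ap.default_ssid else ""
        print(f"{ap.bssid}  {ap.security:5}  {ap.ssid}{flag}")
    print(audit(aps))
```

On the constructed scan the open/WEP share comes out at exactly half, the proportion the Queensland police reported; on a real scan the figure is whatever your neighbourhood shows, and the BSSIDs in `needs_attention` are the ones worth tracing to a device and moving to WPA2 with a non-default password.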
http://www.couriermail.com.au/news/technology/half-of-wireless-networks-unsecured-in-queensland/story-e6frep1o-1225870268562
In: Education, Security · Tagged with: phishing, Wardriving
One Response

Pingback on May 27, 2010 at 8:49 AM from “Phishing and Wardriving”, http://www.azitmgmt.com/2010/05/phishing-and-wardriving/ (linking to http://www.informationarmor.com/2010/05/27/the-internet/)