New internet banking scare

Money News

www.moneynews.co.uk > Banking > New internet banking scare

Topics

bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet

Features

bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet

Companies

bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet

Money News

bullet
bullet
bullet
bullet
bullet

New internet banking scare

A new technique that can be used by hackers to make internet bank users unknowingly surrender sensitive information has been uncovered.

According to Secunia, an online security firm, a function built into all major web browsers gives hackers the ability to control the content on legitimate websites, such as bank sites.

Phishing is an online fraud method, where scammers send out messages purportedly from a bank, asking customers to follow re-enter their details on a website they control.

Customers' details are recorded and can be used by fraudsters to take money out of their bank accounts.

The new phishing method is a hack of a legitimate feature, wresting control of pop ups to the hacker. It affects Microsoft's Internet Explorer, the Mozilla Foundation's Mozilla and Firefox browsers, Opera's browser, the open-source Konqueror browser and Apple Computer's Safari.

The security firm is critical of the browser vendors for not being proactive in tackling this problem.

Thomas Kristensen, chief technology officer for Secunia, said: "No browsers warn or check if the other site is allowed to change the content of the pop-up window.

"If the pop-up window is opened because the users clicked on a specific functionality, the user has no reason to suspect that the content in the window has been changed by a malicious site."

The revelation is the latest in a series of phishing attacks on websites, the latest coming this morning against Lloyds TSB.

Related News : Banking

bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet
bullet