[clug] New script based Phishing makes Windows even less safe.

Daniel McNamara daniel at codefish.net.au
Tue Nov 9 00:34:08 GMT 2004 

I might note that message labs is talking this one up a bit. Of course 
they happen to sell filtering technology so it's in their interest to do 
so but exploits like this are hardly new and there's a bit more to it 
than simply opening an email. I've done a lot of work in phishing email 
investigation  over the last year and whilst linux users are more or 
less immune to the trojans and exploit methods of phishing they are just 
as vulnerable to the stock standard social engineering ones as anyone 
else (although most linux browsers have built in pop up blocking which 
does significantly reduce their chances of being caught out by them).

Whilst banks should make their Internet banking portals as OS 
independent as possible there are quite few issues behind the scenes 
that people generally don't pay attention to ( security, support, cost, 
contractors, management requirements etc). Banks are slowly getting the 
idea they need to support other OS's and like any large organisation 
change will take a while (immutable law of business).

Daniel McNamara
Code Fish Sys Admin

clug at james.st wrote:

>Is it time for a new push to revive Linux internet banking at St George?
>
>According to 
>http://www.theregister.co.uk/2004/11/04/phishing_exploit/
> it is now possible that simply viewing an email
> could run scripts that re-write your hosts file
> re-directing ALL e-bank connections to a phishing lookalike.
>Of course it only works for Windows,
> just like St George internet banking.  8^(  
>
>Alex Shipp, senior anti-virus technologist at MessageLabs, said: "By 
>reducing the need for user intervention, the perpetrators are making it 
>easier to dupe users into handing over the contents of their bank 
>accounts. Most banks have advised their customers to be wary of any 
>email asking for personal banking details, but in this case all they 
>have to do is open an apparently innocent email and their bank details 
>could be silently sabotaged.
>
>"We currently detect between 80 and 100 new phishing websites a day, 
>showing just how prolific the threat has become. It is a moving target, 
>making it harder to identify and defend against," he added.
>
>michaelj
>  
>

More information about the linux mailing list