Re: "New Universal Man-in-the-Middle Phishing Kit" ?



In article <1169034925.898099@xxxxxxxxxxxxxxxxxxxxxxx>,
mak <mak@xxxxxxxxxx> wrote:

http://www.rsasecurity.com/press_release.asp?doc_id=7667

...snip...
How it works

Using the Universal Man-in-the-Middle Phishing Kit, the fraudster creates a
fraudulent URL via a simple and user-friendly online interface. This URL
communicates with the legitimate website of the targeted organization in
real-time - whether it is the online banking site of a financial institution,
the order tunnel of an ecommerce company, or any other such business
transacting with its users online. The victim receives a "standard" phishing
email, and when clicking on the link s/he is directed to the fraudulent URL.
The victim then interacts with genuine content from the legitimate website -
which has been "imported" by the attack into the phishing URL - thus allowing
the fraudster seamless, invisible and immediate access to the victim's
personal information.

...snip...
how does an URL communicate with anything?

They mean "the server accessed via the URL".

and why wouldn't my browser complain about an invalid certificate for my
bank's site?

You're not going to your bank's site, you're going to the phisher's site
because you clicked on the fraudulent URL he sent you. The phisher has
a valid certificate for his own site, of course, so there's nothing for
your browser to complain about (it has no way of knowing where you
*think* you're going).

--
Barry Margolin, barmar@xxxxxxxxxxxx
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***
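
The reply above turns on one fact: the certificate is checked against the host in the link, not the host the reader had in mind. As an added example (not part of the original post), here is a mail-filter style check that classifies a link by the host the browser would actually connect to; `bank.example`, the sample URLs and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed values: the bank's real domain and the brand string to look for.
LEGIT_DOMAINS = {"bank.example"}
BRAND_WORDS = {"bank.example"}

def belongs_to(host, domain):
    # Exact host or a true subdomain; a bare suffix test would accept
    # "notbank.example" for "bank.example".
    return host == domain or host.endswith("." + domain)

def classify_link(url, legit=LEGIT_DOMAINS, brands=BRAND_WORDS):
    """Classify a link by the host the browser will connect to.

    That host is the only name the certificate is validated against.
    """
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".").lower()
        userinfo = (parts.username or "").lower()
    except ValueError:
        return "invalid"
    if not host:
        return "invalid"
    if any(belongs_to(host, d) for d in legit):
        return "legitimate"
    # Brand text in the userinfo or in labels of someone else's domain
    # is decoration; the connection still goes to `host`.
    if any(b in host or b in userinfo for b in brands):
        return "impersonation"
    return "unrelated"

SAMPLES = [  # constructed URLs
    "https://www.bank.example/login",
    "https://bank.example.secure-login.test/login",
    "https://www.bank.example@secure-login.test/",
    "https://notbank.example/",
    "https://weather.test/",
]

if __name__ == "__main__":
    for u in SAMPLES:
        print(f"{classify_link(u):14} {u}")
```

A valid certificate on `secure-login.test` changes none of these results, which is why the check looks at the host name and ignores the padlock.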