Phishing Alert / Malicious Code: Traffic Redirection

WebsenseŽ Security Labs has observed an increase in phishing attacks that use modifications to the Windows hosts file to deceive users. Various exploits and social engineering tricks are used to execute malicious code that appends several entries to the Windows hosts file. These entries redirect traffic from the legitimate web addresses of several banks to the IP address of a phishing site created by the attacker. The next time the user attempts to visit one of the targeted banks, they are instead redirected to arrive at a phishing site. However, the web address shown in the browser's address bar appears to be the correct address. The logon information of the unsuspecting user is captured, as they attempt to access the site. WebsenseŽ - Security Labs Alert: Traffic Redirection

Linked by shanmuga Tuesday, 6th December 2005 3:40AM