Wednesday, June 17, 2009

Phishing with URL Obfuscation continues in Safari 4

Well it is hard to believe, but the new version of Apple’s browser “Safari 4” still continues to be vulnerable to URL obfuscation techniques. All other browser vendors, whether it is Internet Explorer, Firefox, Opera or Chrome, have fixed this issue long time ago. However, everyone had fixed this issue using completely different solutions, which brings up the question that shouldn’t they follow a common standard ??

For those of you who don’t know what URL obfuscation is, it is an age old technique that phishers used to spoof legitimate websites like popular banks, etc. The phisher will send spam emails claiming to come from your bank and if you fall for the spoof, you might end up giving up your credentials. Among the popular techniques, this one I feel is the most important one as it tries to exploit link embedded authentication which is done using a url format An attacker can use overly long urls to completely hide the suspicious part in your address bar which is “” or something like “@evilwebsiteip (xx.xx.xx.xx)” with different number encoding methods.

See Inferno’s Blog for more

No comments: