Putting Phishers In The Banking Frame

Phishers are smart, and banks are dumb. At least, it seems that way. Here’s another example of what’s called a cross site scripting vulnerability attack, which basically lures the victim to what seems, both in the phishing email and in the website it links to, to be a genuine website belonging to Charter One Bank.

My phishing guru Daniel McNamara explains that the long URL — which begins with a legitimately looking http://www.charterone.com and contains none of the usual hidden URLs further down the URL — actually contains a link to a frame, which “effectively allows the phishers to load a frame containing their site withing the real charterone site”. This frame appears in the browser inside the legitimate page http://www.charterone.com/legalcenter/do_not_solicit_confirm.asp . It looks like this:

Charterone

I’m going to run this by CharterOne to see what they have to say about it, but as Daniel points out, “it’s a pretty bad failing. a fairly common one unfortunately.”

3 thoughts on “Putting Phishers In The Banking Frame”

  1. After contacting Charter One (well, their parent Citizens Bank) this hole has been plugged. They haven’t replied to my questions yet, however.

  2. Pingback: Mary's Blog

Comments are closed.