Putting Phishers In The Banking Frame

By | March 16, 2005

Phishers are smart, and banks are dumb. At least, it seems that way. Here’s another example of what’s called a cross site scripting vulnerability attack, which basically lures the victim to what seems, both in the phishing email and in the website it links to, to be a genuine website belonging to Charter One Bank.

My phishing guru Daniel McNamara explains that the long URL — which begins with a legitimately looking http://www.charterone.com and contains none of the usual hidden URLs further down the URL — actually contains a link to a frame, which “effectively allows the phishers to load a frame containing their site withing the real charterone site”. This frame appears in the browser inside the legitimate page http://www.charterone.com/legalcenter/do_not_solicit_confirm.asp . It looks like this:

Charterone

I’m going to run this by CharterOne to see what they have to say about it, but as Daniel points out, “it’s a pretty bad failing. a fairly common one unfortunately.”

3 thoughts on “Putting Phishers In The Banking Frame

  1. JW

    After contacting Charter One (well, their parent Citizens Bank) this hole has been plugged. They haven’t replied to my questions yet, however.

    Reply
  2. Pingback: Chris Mosby at myITforum.com

  3. Pingback: Mary's Blog

Leave a Reply to JW Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.