IE7 and Vista: Using IE7 and Vista Safely: Page 2

(Page 2 of 5)

Web Spoofing

Web spoofing is a means by which an attacker is able to see and even make changes to Web pages that are transmitted to or from another computer (the target machine). These pages include confidential information such as credit card numbers entered into online commerce forms and passwords that are used to access restricted Web sites. JavaScript can be used to route Web pages and information through the attacker’s computer, which impersonates the destination Web server. The attacker can send e-mail to the victim that contains a link to the forged page, or put a link into a popular search engine. SSL doesn’t necessarily prevent this sort of “man in the middle” attack; the connection appears to the victim to be secure, because it is secure.

The problem is that the secure connection is to a different site than the one the victim thinks he is connecting to. Hyperlink spoofing exploits the fact that SSL doesn’t verify hyperlinks that the user follows, so if a user gets to a site by following a link, he can be sent to a spoofed site that appears to be legitimate.
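The mismatch that hyperlink spoofing relies on, where the link a user sees names one site and the actual target is another, can be checked mechanically before a message reaches the user. The following is an added example, not code from the book; the function names and all hostnames (reserved `.example` names) are constructed for illustration.

```javascript
// Added example: flag links whose visible text names one host
// while the href actually points to a different host.

// Return the hostname if the string looks like a URL or bare domain, else null.
function hostOf(text) {
  const t = text.trim();
  // Plain wording ("Visit our shop") makes no claim about a host.
  if (/\s/.test(t) || !t.includes('.')) return null;
  const candidate = /^[a-z][a-z0-9+.-]*:\/\//i.test(t) ? t : 'https://' + t;
  try {
    return new URL(candidate).hostname.toLowerCase().replace(/^www\./, '');
  } catch (e) {
    return null; // not parseable as a URL
  }
}

// Return one finding per anchor whose displayed host differs from the real target.
function findMismatchedLinks(html) {
  const findings = [];
  const anchor = /<a\b[^>]*\bhref\s*=\s*["']([^"']+)["'][^>]*>([\s\S]*?)<\/a>/gi;
  let m;
  while ((m = anchor.exec(html)) !== null) {
    const shown = m[2].replace(/<[^>]*>/g, ''); // strip nested markup
    const shownHost = hostOf(shown);
    const actualHost = hostOf(m[1]);
    if (shownHost && actualHost && shownHost !== actualHost) {
      findings.push({ shown: shownHost, actual: actualHost });
    }
  }
  return findings;
}

// Constructed sample message body (not taken from any real e-mail).
const sampleMail = `
<p>Please confirm your account:</p>
<a href="https://login.bank.example.attacker.example/signin">https://www.bank.example/signin</a>
<a href="https://www.bank.example/help">www.bank.example/help</a>
<a href="https://shop.example/">Visit our shop</a>`;

console.log(findMismatchedLinks(sampleMail));
```

Only the first link is reported: its text shows the bank's address while the target host merely begins with that name. A mail gateway or Web filter could run a check like this on the rendered HTML.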


This article is excerpted from “Vista for IT Security Professionals.” To order this book, please visit Syngress.

Web spoofing is a high-tech form of con artistry. The point of the scam is to fool the user into giving confidential information such as credit card numbers, bank account numbers, or Social Security numbers (SSNs) to an entity that the user thinks is legitimate, and then using that information for criminal purposes such as identity theft or credit card fraud. The only difference between this and the “real-world” con artist who knocks on a victim’s door and pretends to be from the bank, requiring account information, is in the technology used to pull it off.

Certain clues may tip off an observant victim that a Web site is not what it appears to be, such as the URL or status line of the browser. You may think you are going to a Web site simply because it’s listed in the URL field, while another part of the browser indicates that you are going to a different URL. An attacker can also use JavaScript to cover his or her tracks by altering how these elements appear to you.

An attacker can even go so far as to use JavaScript to replace the browser’s menu bar with one that looks the same but replaces functions that provide clues to the invalidity of the page, such as display of the page’s source code. Later versions of browser software have been modified to make Web spoofing more difficult. Older browsers are highly vulnerable to this type of attack. Improvements in Internet Explorer thwart spoofing attacks, because now you can check the validity of each site you visit.
