NOW READ THIS
("Security Advisory")
Submitted by: Bill Hickey
NCVA Listmaster
Distributed via NCVA REFLECTOR: 2007-01-11 0140z
NRT-0005 Computer Security "Man-in-the-Middle":
Hackers have created a bogus web site to trick users of Amazon.com into giving up their login information, according to an online IT security blog site. The attack begins with an email message asking users to update their account credentials because Amazon.com has detected unauthorized activity. Unsuspecting email recipients who follow the link are brought to a bogus login page that resembles the real thing but relays communication between the user's PC and the legitimate Amazon site. The attacks (a similar one hit Citibank this summer) are particularly dangerous because neither party knows what is happening. The trick is made more convincing if users enter the wrong login information: they are shown the usual page that appears when incorrect usernames and passwords are entered on the real Amazon site. The Amazon attack has a weakness, however, in that the URL of the bogus site is not spoofed to reflect the genuine Amazon site. Also, new anti-phishing technology included in the latest Internet Explorer (IE-7) and Firefox browsers appears to flag the site as being illegitimate. Expect this kind of attack to become more sophisticated.
Last Modified: Saturday, 20-Jan-2007 17:56:45 EST