By Jennifer LeClaire E-Commerce Times
12/10/04 12:06 PM PT
Security firm Secunia reported that the vulnerability affects nearly all browsers, including Internet Explorer, Mozilla, Firefox, Konqueror, Opera, Netscape and Safari. The company said it alerted the browsers' developers of the vulnerability months ago.
Think you have to compromise on security to save on costs? Think Again. Trend Micro™ Enterprise Security, powered by the Trend Micro Smart Protection Network™, can lower your content security management costs by up to 40%. Find out just how much you’ll save with our TCO Impact Calculator.
Danish security firm Secunia has issued warnings about a vulnerability in most Web browsers that could open the door to hackers hijacking pop-up windows on trusted Web sites to launch phishing attacks.
The vulnerability can be exploited regardless of which Web site is the true "owner" of the pop-up window, according to Secunia. The fraudulent tactic attempts to trick consumers into providing personal and/or financial information.
Secunia reported that the vulnerability affects almost all browsers, including Internet Explorer, Mozilla, Firefox, Opera, Konqueror, Safari and Netscape. The company said it alerted the browsers' suppliers of the vulnerability months ago.
Threatening Landscape
Ken Dunham, the director of malicious code research at iDefense, a Reston, Virginia-based threat-intelligence firm, told the E-Commerce Times that hackers are getting more sophisticated and more difficult to catch.
"The reality is that for every attack that we do know about, there are others we don't," Dunham said. "We really don't have a clear picture as a public yet of the sheer nature of the threats that are out there."
What we do know is that it often starts in the e-mail box, according to MailFrontier Research. The e-mail security and anti-phishing software provider forecasts that more than 750 million phishing e-mails spoofing e-commerce sites will be sent during the holiday shopping season.
Hindering E-Commerce
The firm has identified that 20 percent of all phishing attacks target e-commerce sites. This is bad for e-commerce business, Anne Bonaparte, president and CEO of MailFrontier, said.
"We're continuing to see a significant impact on consumer behavior due to the rising threat of e-mail phishing scams," Bonaparte said.
"From its impact on consumer loyalty within the financial industry to potentially restraining online shopping this holiday season, the treat of e-mail phishing attacks is deterring 'business as usual'," she said.
Indeed, MailFrontier Research surveys have found that 29 percent of consumers said they would avoid shopping online this holiday season due to the rise of e-mail phishing scams.
Passwords Pose Windows Security Threat, Foundation Says December 09, 2004
For some security pros, the asterisk issue is just a fragment of a larger problem. "My belief is that companies need to be looking at moving towards using stronger authentication, such as tokens or biometrics, in place of or in conjunction with passwords," said Vadim Lander of Computer Associates.
Related Stories
Stocks Rally as Dollar Moves Up December 08, 2004
The dollar was up against both the yen and the euro, which some traders said suggested a belief among investors that officials in both Japan and the European Union would intervene to prop up the dollar to avoid creating trade imbalances as consumers flock to suddenly affordable U.S. goods.
Report Shows Uptick in Automated Phishing November 24, 2004
The APWG report indicated that the number of brands used for bogus phishing efforts -- eBay, PayPal, Microsoft and others -- is increasing. The report gave greater focus to the server side of phishing attacks, but indicated more company trademarks are likely to be used as the basis of fraud.
Will Antiphishing Legislation Be Effective? November 13, 2004
James Gildea, director of marketing for e-mail management firm IntelliReach, does not put much faith in such legal proposals. He sees attempts to legislate curbs on phishing attacks as having much the same results as recently enacted antispam laws. "To date, 32 states have enacted antispam laws. These laws haven't done much to stop the flood of spam," he said.
Related News Alerts
More by Jennifer LeClaire
The Digital Car: Cool Automotive Accessories, Part 2 January 16, 2007
Not all the latest high-tech automotive electronics are built to entertain. Many give the driver more information and more control. Vehicle tracking devices can tell where the car is at any time, software installed in a smartphone can turn off a vehicle's security system whenever the owner approaches, and diagnostic tools can tell what's wrong with the engine -- and how much it'll be to fix it.
'World of Warcraft' Wows 8 Million Subscribers January 12, 2007
"World of Warcraft," the massively multiplayer online role-playing game, has reached the 8 million subscriber mark. Since debuting in North America in Nov. 2004, "World of Warcraft" has become the most popular MMORPG in the world. The franchise is available in seven different languages and is played on at least four continents.
AT&T Bids Goodbye to Cingular Brand January 12, 2007
Starting Monday, AT&T will launch a multimedia campaign to transition the Cingular Wireless brand name into its advertising and customer communications. The campaign will integrate popular imagery, phrases and icons from Cingular's traditional advertising, including the "raising the bar" tagline, the "Jack" character and the color orange.
Headline Feeds
Talkback: 
