Discussion in 'other security issues & news' started by Peaches4U, Aug 18, 2004.

Thread Status:
Not open for further replies.
  1. Peaches4U

    Peaches4U Registered Member

    Nov 22, 2002
    At my computer
    If u use IE as ur browser u might want to consider downloading Spoofstick especially if u do online banking - otherwise i recommend downloading FireFox as ur default browser. i am currently using firefox. firefox also has a popup blocker - add to it the google toolbar and u are set. here is some info on spoofstick if u prefer to stay with IE.... DO NOT uninstal IE as it is necessary for getting ur windows updates/patches if u decide to use another browser as ur default.

    Spoofstick is one of several solutions to a relatively new problem: "spoofing" or faking a website for the purpose of gaining valuable personal information from unsuspecting internet users.

    Recently scammers have found ways to make a fake website look almost exactly like a legimate financial website and will send email with a link to the fake site in it claiming that you need to login and verify your account information, etc. Even the address (URL) looks correct and they have found a way to fake the little "lock" symbol to make everything look kosher. But it is not the correct site or even associated with a bank... it is merely collecting your banking information so that the scammers can withdraw and transfer funds from your accounts!

    Spoofstick gives a layer of protection by displaying on your screen, while browsing, a secondary verification of what URL you are actually connected to. If you do a lot of online banking and use Microsoft Internet Explorer, this seems like a wise tool to have.

    Avante and almost all browsers other than Internet Explorer are currently immune to this problem because IE has the largest number of copies running and so is targeted to insure the greatest number of scams possible. The scammers that do this have to get in and out quickly before they get caught, so maximum impact in a minimum timeframe is very important to them.
  2. nick s

    nick s Registered Member

    Nov 20, 2002
  3. Alec

    Alec Registered Member

    Jun 8, 2004
    Dallas, TX
    Ok, I haven't really read up on Spoofstick yet. It probably is a worthwhile utility and I know there is a company called WholeSecurity that is apparently making a decent business model of providing enterprise customers and corporate clients like eBay with similar sounding anti-phishing and anti-site-spoofing tools and utilities.

    But, my question is this: What makes you think that other browsers are more immune to social engineering attacks like phishing/site-spoofing than IE? Social engineering attacks, essentially by definition, exploit human weaknesses not technological weaknesses. Certainly, I could perhaps couple a phishing email with a site that perhaps exploits some IE flaw for some other nefarious purpose... but why bother if I can just make my site look enough like the real thing to just have users simply fill out a form with their account number and password? Ultimately that's probably what I want anyway, the financial account number and identifying information like name, address, SSN's, PIN's, and passwords. Why bother trying to plant a RAT and bother trying to crack into the information in some other way if I can just get you to hand it over to me? I don't see how that is technology dependent as long as I make my HTML look enough like the real thing.

    Now, I don't want to get into a big browser battle because there are just too many people way too passionate about their beliefs, but I'm genuinely asking the question because I think far too many people sometimes erroneously associate social engineering tricks with product vulnerabilities. I know about IE's weaknesses. I know about the CERT statistics. I know about how the MSHTML control is utilized in various places in other parts of the OS. But this isn't about that. For all of the statistics, hand-waving, and jumping up-and-down the hard truth is that by far the largest number of vectors for malware infiltration on the average Windows machine are: 1) SOCIAL ENGINEERING, 2) unpatched RPC/DCOM vulnerabilities, or 3) vulnerabilities in 3rd party programs for things like P2P and IM. IMHO, those are the 3 biggies. Raw, hardcore IE-specific attacks like Download.Ject are way down the list. IMHO, people need to educate their friends and neighbors far more about threats 1, 2, and 3 and the benefits of a software or hardware firewall and regular system patching then they need to stress about IE/Firefox/Opera/etc.

    Sorry for the tirade, but sometimes I just don't get the hysteria.
  4. meneer

    meneer Registered Member

    Nov 27, 2002
    The Netherlands
    You're so right.

    But have you tried?
    I keep reminding the users in our company NOT to open any suspect e-mail messages. And yet, they still do. Glad we use some form of layered security (we're professionals here).

    Computers are like black magic to most people. Heck, security is black magic. People don't know about 1,2 and 3. Even our promoting other software doesn't help. Regular end users are lazy. So software should be reliable.

    It's not quite hysteria. Software should be reliable. Microsoft patching XP is on the right track. But how can we protect ourselves from hundreds of millions of unpatched, XP and non XP systems/users?
    Wanna bet what percentage of XP users applies SP2 within one yeart? I'd say 50% max...
  5. Pigman

    Pigman Registered Member

    May 15, 2004
    There's also Spoofstick for Firefox, you can get it at the Firefox extensions page...
Thread Status:
Not open for further replies.