Thursday, April 06, 2006

TIPS & TRICKS: IE Window Address Bar Spoofing

secunia.com: Internet Explorer Window Loading Race Condition Address Bar Spoofing

I believe this was reported on before. However, considering what it can do, I thought it pertinent to post it this time around.

Basically, if you clicked on a link to go to a website, say google.com, you would expect Google to be the site where you would be directed. However, what if the URL shown in the address bar doesn't actually match the site that is displayed? As we all know, merely visiting a website (without clicking on anything after the website loads) could infect your machine with all kinds of malware (e.g. spyware, viruses, etc.). If you clicked on something that you thought was taking you to Google, and the web page that comes up looks like Google (I mean, how hard is it to copy what the Google page looks like?) but really has some malicious code behind it, the machine would be infected instantly. Scary.

What do I do? I frequently type in my own URLs and stay away from sites that aren't safe. Then you ask what's safe and not safe. Well, the easiest things to stay away from are links that friends or acquaintances send you to "check out this cool thing." Those tend to be to lesser-known sites that may or may not be safe. There are two things you can do if you really want to click on one. First, look at the text for the link, type in the URL yourself (e.g. cnn.com), and find the story yourself. You might say, what a hassle! But consider it like putting a lock/alarm on your house or car. You wouldn't just leave your house unlocked and go on vacation for 2 weeks, would you?

The second thing you could do is use a computer that you don't care about getting infected, one that isn't on your network or that you could remove quickly. This, of course, isn't very practical for many folks, but hey, it is another option.

Stay virtually safe...
