• Welcome to Valhalla Legends Archive.
 

Fully Patched IE Users At Risk

Started by hismajesty, June 13, 2004, 08:17 AM

Previous topic - Next topic

Arta

I'd say those exploit stupid people just as much as they do IE. Who in their right mind would click on one of those links? I use IE & Firefox as well - IE most of the time.

Zeller

I love the ctrl-t thing mozilla has but im to used to clicking on the IE icon. I tried replacing it mozilla's so we will see how that works out.

iago

Quote from: muert0 on June 14, 2004, 02:37 AM
Quote from: Mephisto on June 13, 2004, 07:24 PM
There's nothing wrong with Internet Explorer.  I prefer it over the other Browsers.  And why do you think it's the "Award Winning Browser"?

Here's a good reason not to use I.E. but they may have fixed this already.
http://spamwatch.codefish.net.au/modules.php?op=modload&name=News&file=article&sid=55
http://www.tjhsst.edu/~agupta/ecard-hijack/

They aren't going to fix that for sure, because it's not a problem.  The correct form for a url is
[protocol]://[username]:[password}@[host]/[path]
We just happen to use the shortened form which automatically logs in as anonymous.  Every browser should let that happen.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


Thing

What a coincidence.  Look what I just received this morning:

QuoteReceived: from scott ([201.128.172.254])
       by mail.vpnsys.net (Merak 7.4.2) with SMTP id HRA74455
       for <my email address>; Mon, 14 Jun 2004 10:38:07 -0500
Message-ID: <[email protected]>
From: "Scmercer" <[email protected]>
Date: Mon, 14 Jun 2004 10:32:59 -0600
To: my email address
Subject: [Spam] U.S. Bank Important Warning Message
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Content-Type: text/html; charset=iso-8859-1

<HTML><BODY bgcolor=

#f4f2ee><DIV><TD height=47><IMG hspace=10 src=

"https://www4.usbank.com/internetBankingStatic/images/logo.gif" border=0></TD><P><B>
<SPAN style="FONT-SIZE: 12px; COLOR: #000066; FONT-FAMILY: 'Arial, Helvetica, Verdana';">
           Dear U.S. Bank valued customer,<font color=

"#fffff1">Uraniaresidences</font><br><br>
Due to concerns, for the safety and integrity of the online banking community we have issued this warning message.<br><br>It has come to our attention that your account information needs
to be updated due to inactive customers, fraud and spoof reports.<br>If you could please take 5-10 minutes out of your online experience and renew
your records you will not run into any future problems with the online service.<br>However, failure to update your records may result in your account suspension.
This notification expires on June 15, 2004<br><br>Once you have updated your account records your internet banking
service will not be interrupted and will continue as normal.<br><br>Please follow the link below
and renew your account information.<br><br><a hrefMunseyhref=http://megabyte.com href=

"http://www.usbank.com@202.39.13.130/www/us/verify.html" onMouseMove="window.status='http://www.usbank.com/internetBanking/RequestRouter?requestCmdId=DisplayLoginPage';return true;" onMouseout="window.status=''">http://www.usbank.com/internetBanking/RequestRouter?requestCmdId=DisplayLoginPage</a>
<br><br><br>U.S. Bank Internet Banking<font color=

"#fffff1">Palmyrastrait</font>

Those sneaky guys. :P  Maybe I'll follow that link and see what the heck is really going on later today.
That sucking sound you hear is my bandwidth.

hismajesty

I followed it, it will probably catch a lot of people too. :\

iago

I was looking at the source for both that and the real bank site, and here they are in .txt:

www.valhallalegends.com/iago/bank/realbank.txt
www.valhallalegends.com/iago/bank/fakebank.txt

I didn't actually click the link since I only have ie at school and I don't want a virus, but it looks like the fake one either loads the real one or copies/pastes the source from the real one..
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


muert0

It was just an example of some of the crap some people try to pull off and those aren't the greatest examples. I guess really bad social engineering. But the people it does trick it really screws over. And a lot of older people who get computers just start going all over looking at anything and don't think twice about it.
To lazy for slackware.

iago

Quote from: muert0 on June 14, 2004, 11:38 PM
It was just an example of some of the crap some people try to pull off and those aren't the greatest examples. I guess really bad social engineering. But the people it does trick it really screws over. And a lot of older people who get computers just start going all over looking at anything and don't think twice about it.

The good thing is that people who don't understand computers often don't feel safe doing online banking.  The ones who do get screwed, but they should know better :/
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


j0k3r

#23
EW. Opera is decent, but has an advertisement, which is hard to get over. Firefox looks better than Opera because no advertisement, but I spent the last 10minutes trying to import my favourites to no success. I've got beef with these browsers.

Also, first thing I noticed is their lack of alt+d and ctrl+enter, EW.

Edit: Oh, and the link to the main forum, sub forum, topic etc at the top of the page all gets highlighted when I mouse over in Opera.
QuoteAnyone attempting to generate random numbers by deterministic means is, of course, living in a state of sin
John Vo

iago

Don't forget to look up Mouse Gestures in Opera, they're very handy.  For example, hold the right button and click left for back, and hole left and click right for forward -- very handy.
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


Arta

I already have special buttons for those :P

iago

#26
Quote from: Arta[vL] on June 17, 2004, 08:30 AM
I already have special buttons for those :P

Me too, but they don't work in Linux.

There are also shortcuts for homepage, new window, search page, rewind/fast forward (all the way back or forward), and lots of other stuff.  I just don't remember them all, I do them one at a time :)
This'll make an interesting test for broken AV:
QuoteX5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*


muert0

To lazy for slackware.

Stealth

There's a Gestures plugin for Mozilla/Firefox as well.
- Stealth
Author of StealthBot

Zakath

Quote from: j0k3r on June 17, 2004, 06:04 AM
EW. Opera is decent, but has an advertisement, which is hard to get over. Firefox looks better than Opera because no advertisement, but I spent the last 10minutes trying to import my favourites to no success. I've got beef with these browsers.

Also, first thing I noticed is their lack of alt+d and ctrl+enter, EW.

Edit: Oh, and the link to the main forum, sub forum, topic etc at the top of the page all gets highlighted when I mouse over in Opera.

Opera has advertisements? Where?! :P

Incidentally, what's wrong with the highlighting? It's not like it hurts your eyes.
Quote from: iago on February 02, 2005, 03:07 PM
Yes, you can't have everybody...contributing to the main source repository.  That would be stupid and create chaos.

Opensource projects...would be dumb.

|