Miles Associates LLC

Jim Miles – IT & IT Security Consultant – Web Sites for Growing Organizations

Phishers use HTML attachments to evade browser blacklists

To get around phishing blacklists in browsers, scammers are luring people by using HTML attachments instead of URLs, a security firm is warning.

Chrome and Firefox are good at detecting phishing sites and warning Web surfers via a browser notice when they are about to visit a site that looks dangerous. So good, in fact, that scammers are resorting to a new tactic to lure victims into their traps via e-mails–attaching HTML files that are stored locally when they are opened, according to an M86 blog post yesterday.

After the user fills in a form with the information the scammers want to steal and clicks “submit,” the HTML form sends the data through a POST request to a PHP Hypertext Preprocessor script hosted on a legitimate Web server that has been compromised…

“Months-old phishing campaigns remain undetected, so it seems this tactic is quite effective,” the blog post says…

To protect against this, people should avoid opening HTML attachments if the e-mail seems suspicious and [should] not provide any information in forms. Financial institutions do not send such attachments to customers.

via CNET News.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s