Sunday, May 16, 2004
Bad guys can easily disguise where a Web link goes
You're used to clicking on a link and going someplace useful. After all, that's what the web is all about.
Even if the link has some useless text like "click here", you still expect that you can find out where it goes by running your mouse over it.
In some browsers, that may not work. Play with the link below. The results will depend on what browser you're running. Most versions of Microsoft Internet Explorer will be completely fooled.
Run your mouse over this. Look at the bottom of the window. Does it say Coke, or Pepsi? Now click and see where you go.
(Danish security firm secunia.com reported this problem last year).
Bad guys have been using tricks like that one to make you think you're visiting some trusted site like your bank's when you're actually going someplace controlled by the bad guys.
Internet Explorer is so vulnerable to tricks like this that Microsoft actually tells you to type in URLs instead of clicking them: http://support.microsoft.com/default.aspx?scid=kb;[ln];833786
|
Even if the link has some useless text like "click here", you still expect that you can find out where it goes by running your mouse over it.
In some browsers, that may not work. Play with the link below. The results will depend on what browser you're running. Most versions of Microsoft Internet Explorer will be completely fooled.
Run your mouse over this. Look at the bottom of the window. Does it say Coke, or Pepsi? Now click and see where you go.
(Danish security firm secunia.com reported this problem last year).
Bad guys have been using tricks like that one to make you think you're visiting some trusted site like your bank's when you're actually going someplace controlled by the bad guys.
Internet Explorer is so vulnerable to tricks like this that Microsoft actually tells you to type in URLs instead of clicking them: http://support.microsoft.com/default.aspx?scid=kb;[ln];833786
# posted by Frederick @ 6:45 PM Email to a friend:
Haloscan: they provide trackback