Kitz Forum
Chat => Tech Chat => Topic started by: broadstairs on December 11, 2013, 12:06:34 PM
-
Another forum I frequent has today seen an attack where a new user posted a seemingly valid thread with a link to show his problem. When you clicked on this link it displayed an identical page to the standard forum, requesting that you log in again, attempting to trick the user into thinking they had been logged out; if you entered a user/password and hit enter it took you back to the genuine forum start page. Needless to say, if you did check the URL it was not the correct one, but I wonder how many folks actually always check this at login time. Not sure if they wanted to hijack the forum in some way or merely harvest user/password combinations which may have been used for, say, a banking application or the like.
Stuart
-
I wonder how that works with autocomplete in browsers?
Would it detect the site is different and not autocomplete? I rarely bother to enter passwords anymore, but certainly one to watch out for!!
-
It sounds like another attempt to harvest people's username/password combinations.
Browser saved passwords are linked to particular web addresses, so I don't think that the dummy site will be able to use them unless the user actually enters them again.
-
Thing is, though, auto-complete does not ALWAYS function, so sometimes I have to enter user and/or passwords... it can be turned off on a web page.
Stuart
-
You could type your passwords in; it isn't a keylogger.
It's a phishing website: as you click 'Login', your username and email will be emailed to an email address the phisher has specified. Alternatively it will add a string into his .html file on his FTP server.
-
Don't think that would work with me, as my logins are URL specific.
-
It won't work with any auto-complete unless they spoof the address in the URL bar some way. However, it is possible for a website to stop any automatic filling in of user and password combinations, and in this case people can be fooled into doing it manually. The particular forum it happened on does not prevent auto-completion, so in that case it might raise an eyebrow to the user. I suspect the reason was to harvest user/password combinations which might work elsewhere, as so many folks on the net use the same combinations for all their logins.
Stuart
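The point several replies make, that saved browser logins are bound to the site's address and so will not fill on a look-alike page, can be shown with a small origin check. This is an added example, not code from the thread; the forum and phishing hostnames and the saved-login table are constructed for illustration.

```python
# Added example: how URL-bound autofill decides whether a saved login
# applies to a page. Hostnames and saved logins below are constructed.
from typing import Optional
from urllib.parse import urlsplit

Origin = tuple[str, str, int]  # (scheme, host, port)


def origin_of(url: str) -> Optional[Origin]:
    """Return the origin of a URL, or None if it has no usable host.

    Anything before '@' (userinfo) is deliberately ignored, so a URL such as
    https://forum.example.com@phish.example/ resolves to phish.example, not
    to the forum the user expects to see in the address bar.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    try:
        port = parts.port
    except ValueError:  # malformed port like "https://host:abc/"
        return None
    port = port or (443 if parts.scheme == "https" else 80)
    return (parts.scheme, parts.hostname.lower(), port)


def autofill_candidates(saved: dict[str, str], page_url: str) -> list[str]:
    """Usernames whose stored origin exactly matches the page being visited."""
    page = origin_of(page_url)
    if page is None:
        return []
    return [user for stored_url, user in saved.items() if origin_of(stored_url) == page]


# Constructed saved-login table: stored URL -> username.
SAVED_LOGINS = {
    "https://forum.example.com/index.php": "stuart",
    "https://bank.example.net/login": "stuart",
}


def demo() -> dict[str, list[str]]:
    """Run the check against the genuine page and several imitation patterns."""
    pages = {
        "genuine": "https://forum.example.com/index.php?action=login",
        "lookalike_host": "https://forum-example.com/index.php?action=login",
        "userinfo_trick": "https://forum.example.com@phish.example/index.php",
        "path_imitation": "https://phish.example/forum.example.com/index.php",
        "downgrade": "http://forum.example.com/index.php",
    }
    return {name: autofill_candidates(SAVED_LOGINS, url) for name, url in pages.items()}
```

Only the genuine page gets a candidate; every imitation pattern returns an empty list, which is exactly why a page that refuses to autofill deserves a second look at the address bar.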