Newly Discovered URL Spoofing Trick Affects I.E. and Safari
0 (0)

The Internet Patrol - Patrolling the Internet for You
Rate this post!
 

A newly discovered URL spoofing trick can affect anyone using I.E. versions up to and including 6.0.2800.1106, and Safari for Mac. (IE version 6.0.2900, Mozilla, and Firefox are not affected.)

The way that it works is that it allows the display of one URL, while when clicked, the user is actually taken to another site. While it does not mask the real URL of the landing site up in the address bar, if misused intentionally by malicious spoofers, particularly those phishing for information, an unwary user may not note the URL in the address bar, or catch minor differences in spelling.


Here is such a redirecting URL in practice:

http://www.amazon.com

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

 

Go ahead, click on it…

…it took you right back here, didn’t it? Even though it looked like you were going to go to Amazon’s website.

At present time it seems that the only choices for avoiding this spoof are either upgrading, switching browsers, or educating users. Of course, users should already know to never click a URL sent in spam, and should also be wary of sites not run by reputable companies.

 

No Paywall Here!
The Internet Patrol is and always has been free. We don't hide our articles behind a paywall, or restrict the number of articles you can read in a month if you don't give us money. That said, it does cost us money to run the site, so if something you read here was helpful or useful, won't you consider donating something to help keep the Internet Patrol free?
Click for amount options
Other Amount:
What info did you find here today?:

Rate this post!
 

6 thoughts on “Newly Discovered URL Spoofing Trick Affects I.E. and Safari
0 (0)

  1. One also has to be wary of java overlays that some sites use. this masks the url and then process the information in java code

  2. Yep…if you just hover the mouse over the link it will show the same as what is being displayed as the “true” link. Right clicking and selecting PROPERTIES will show the actual source link.

  3. As was noted by someone else, I had to right-click on the link – just hovering the mouse over it did not show the alternate address in IE 6. Right-clicking did reveal the “true” link.

  4. just place cursor over link &
    look at bottom left of screen & see if the 2 match
    if not don’t click it

  5. A newly discovered URL spoofing trick can affect anyone using I.E. versions up to and including 6.0.2800.1106, and Safari for Mac. (IE version 6.0.2900, Mozilla, and Firefox are not affected.) The way that it works is that it allows the…

  6. One way I saw is that if you right click on the link then it will display the real link in the lower left corner of the ie screen on version 6

Leave a Reply

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.