This spoof is potentially quite dangerous. Conventional wisdom is that one of the best ways to spot a fake web site is to look for the s in https: and look for the lock symbol on the bottom bar of the window. This of course pertains to web sites that use SSL certificates like financial institutions and shopping sites.

This sort of spoof can be particularly dangerous when combined with a fake email, or phish. And perhaps even more so when combined with DNS poisoning and pharming exploits. (more on those latter)

Well, evidently, early generation SSL certificated can be picked up so easily that they are rapidly becoming relatively worthless. Apparently, it is far too easy for crooks to get a SSL certificate that purports to be from a legitimate secure web site and even uses the same or similar URL address.

For more on this matter, check out this report by Geotrust

Posted on Tuesday, April 19th, 2005 at 2:10 PM and filed under All Posts, Email Security, Malware. You can follow any responses to this post through the RSS 2.0 feed. You can leave a comment, or you may trackback from your own site.