Phishing Popups

Phishing PopUps- Fake Requests for Personal Financial Information

What are Phishing Pop-ups?

Many browsers make use of tabs and popup windows. But how do you know if the contents of the popup belong to the company identified on it? Secunia, a web security company, recently issued a security report detailing how most major web browsers with the tabbed browsing feature (what is this?) were susceptible to two different weaknesses that phishers are now exploiting.

Which browsers are at risk?

The browsers identified in the report were:

• Avant Browser 9.02 build 101 and 10.0 build 029
• Camino 0.8
• Konqueror 3.2.2-6
• Maxthon (MyIE2) 1.1.039
• Mozilla 1.7.3
• Mozilla Firefox 0.10.1
• Netscape 7.2
• Opera 7.54

The only platform not a risk (which is a surprise, given its past track record) is Microsoft's Internet Explorer; probably only because IE doesn't even support tabs.

How Does the Scam Work?

There are two main methods employed:

1. A popup appears that is from a company that you have open in another tab
   You may have several tabs or windows open with several different websites; for example, PayPal, Google, Amazon.com and Ebay. Suddenly a popup box opens, that looks like it is from PayPal, and it asks you, "for verification purposes", to enter your password and your credit card information. It may not have been from PayPal at all, and you just gave the crooks your details. For an example of this, visit the demo site at Secunia using one of the browsers in the list above and follow the instructions.
   
   They are able to do this because the browser doesn't tell the user which tab is responsible for the popup box, and inactive tabs are allowed to spawn pop-ups..
    
2. A login form or site's form appears not to be working
   You may have several tabs or windows open with several different websites; for example, PayPal, Google, Amazon.com and Ebay. You encounter a login form on one of the sites; nothing unusual there. You type in your username and password, but nothing shows up. So, you re-enter the information. But, still nothing. You may just assume that the website has temporarily stopped working, so you close the window and carry one elsewhere. but what may have happened is that everything you typed actually went into a form on a site found on one of the other open tabs. For a demo site for this, click on the link!

What Can you Do to Protect Yourself from this Phishing Theft

• Doesn't use the tab feature for sites with sensitive information - Obviously, since this problem only occurs in tabbed browsers, you could avoid them... but the other browsers have different problems. Another solution is to only open sensitive websites in their own windows; not in a separate tab of an open window!
• Another simple solution is a browser plug-in from Netcraft that displays information about the site being visited, such as its geographic location. This won't prevent the popup, but If you notice that your bank's site is being provided from Nigeria, you can assume that it is not legitimate.  Click here to read more about the Netcraft toolbar.
• Be suspicious if a popup asks for your personal information.
• Act immediately if you've been hooked by a phisher. If you provided account numbers, PINs, or passwords to a phisher, notify the companies with whom you have the accounts right away. For information about how to put a "fraud alert" on your files at the credit reporting bureaus and other advice for ID theft victims, contact the Federal Trade Commission's ID Theft Clearinghouse, www.consumer.gov/idtheft or toll-free, 877-438-4338. The TDD number is 202-326-2502.
• See our What to do, if you think you have been the victim of identity theft page!
• Even if you didn't get hooked, report phishing. Tell the company or agency that the phisher was impersonating. You can also report the problem to law enforcement agencies through the National Fraud Information Center/Internet Fraud Watch, www.fraud.org or 800-876-7060, TDD 202-835-0778. The information you provide helps to stop identity theft.    

---

 Reporting a Possible Phishing Attack

If you need advice about an Internet or online solicitation, or you want to report a possible scam, use the Online Reporting Form or call the NFIC hotline at 1-800-876-7060

 

---

For More Information About Phishing, See:

• Click Here for a copy of NCL's Phishing Brochure.  Requires Adobe Acrobat Reader.
• How Not to Get Hooked by a 'Phishing' Scam  [PDF version]
  Offers tips on how to avoid falling victim to a new type of spam scam in which consumers are deceived into handing over personal financial information.
• Is Someone "Phishing" for Your Information?  [PDF version]
  Cautions consumers about emails that claim to be from government agencies in an attempt to steal personal information.
• Digital PhishNet Web site.
• Phish Report Network - a cooperative effort by several companies providing an information clearinghouse that will be run by WholeSecurity, a provider of client-side security solutions.
• Internet Crime Prevention & Control Institute, a cooperative effort between Zero Spam Network Corp. and the University of Miami. Staffed by Miami undergraduate and graduate students and Zero Spam employees, works closely with the Secret Service's Electronic Crimes Task Force and ISPs in the United States and abroad to identify and block traffic to machines hosting phishing sites.
  • Report A Crime
  • FTC Fraud Reporting