IE7 linked to possible phishing scam

by admin March 15, 2007 at 9:24 am

Microsoft is investigating a possible vulnerability in Internet Explorer 7 that could help cybercrooks launch phishing scams, the company said on Wednesday.

An attacker can use an error message displayed by the latest Microsoft browser to send web surfers to malicious websites that will display with the address of a trusted site, such as a bank, Aviv Raff, a developer in Israel, wrote on his website. Raff included an example where the error message directs the web surfer to a site of his choice.

Microsoft is looking into the issue, a representative said. “Microsoft is not aware of any attacks attempting to use the reported vulnerability,” the representative said in an emailed statement. “Microsoft will continue to investigate… to help provide additional guidance for customers as necessary.”

Read more: