Pop up thievery

Yes, it’s yet another Microsoft IE flaw and yet another warning to be careful about using the browser and yet another reason to stop doing so.
This time, visitors to some bank sites–including Citibank, Deutsche Bank and Barclays Bank–see an otherwise innocuous but annoying pop-up ad that plants a file on their computer called img1big.gif which is, actually, a small executable that goes into action any time it sees the user login to a secure HTTPS session at a site URL that includes any long, banking-related string of characters.
Then, it simply records the login and password info and now it knows how to get into your online bank account. Voila!

This entry was posted in The Wonderful WWW. Bookmark the permalink.