Just When You Went Non-IE…

Even Internet Explorer configuration changes in Windows XP SP2 don’t protect you from a new phishing technique demonstrated by a British Web developer. That’s enough to make users worry, but worse is that it’s not an IE-only technique. Using Firefox, the coder showed that he could fake a site’s appearance to make visitors believe they are actually using a safe site.

Phishing is the term applied to goading users into providing personal information that they believe pertains to financial institutions or other sites that require exploitable data. Account numbers, passwords and just about any other vulnerable bit of information is gleaned using phishing techniques, and often, the surfing victim is totally unaware that they are not at the site they intended. Now that phishing is going beyond IE, at least in concept for now, the advice to dump IE entirely isn’t quite so sage. It’s still my prefered route, when considering the security situation, but don’t be fooled into thinking you’re 100% immune. The fact that XP SP2 is also at risk is important. Microsoft will be beating the security drum very heavily, but the measures put in place are paving over the largest canyons. Bugs will remain, and continue to surface. [Furo]