A new phishing tactic discovered by Internet security company SurfControl allows the phisher to take advantage of a weakness in a targeted company’s website, permitting them to use the company’s real URL, while serving up bogus look-alike content.

According to Susan Larson of SurfControl, “This is definitely one of the most sophisticated phishing techniques we have ever seen. Up until now, an informed computer user stood a chance or being able to identify a suspicious URL if they were wary. This new technique demonstrates how computer criminals are engaged in a constantly evolving series of increasingly sophisticated efforts to defraud the public.”

The way that it works is that the phisher exploits a flaw… [Continued...]