Industry News Home More stories like this... RSS Feed

New image phishing method highlighted

A new method to compromise the online security of internet users has been brought to light by internet security firm Arbor Networks.

The firm states that crooks have taken steganography, which involves hiding data in digital images, to the next level by embedding malicious HTML and java code calls in images.

Once done the images are then attached to phishing emails sent out to potential victims, says the firm, which claims to have discovered such messages doing the rounds.

Vulnerabilities in Internet Explorer's (IE) Multipurpose Internet Mail Extension (MIME) are apparently being exploited by the calls, which lead to the deployment of a fake login page purporting to be eBay's.

Due to IE's set up of scanning the first 256 bytes of a file being downloaded, the threat is able to get through because if HTML code is sniffed by the browser it will run it enabling the page to dowload.

According to Arbor, only IE seems to be affected by the issue because FireFox and Safari browsers display a broken image instead.

PC Tools AntiVirus ensures that you are always protected against the latest viruses. Visit www.pctools.com to upgrade your protection