What exactly is this new Internet address problem?

Question

What exactly is this new Internet address problem and what do I need to do?

-Lawrence

Answer

This question was answered on December 24, 2003. Much of the information contained herein may have changed since posting.

Newly discovered vulnerabilities that are ‘critical’ in nature are nothing new for the world’s most prolific software maker, Microsoft Virtually every program made by the giant in Redmond, Washington is the target of Microsoft haters, hackers, crackers, security firms looking for

exposure or script kiddies (hacker wanna be’s).

The most recent, however, of the at least 20 this year is especially troubling for a couple of reasons.

The first is that it affects about 90% o the Internet public, because it involves the Internet Explorer browser The second is that it plays on the years of advice given to Internet users for determining whether they are on a trusted web site opening the way for massive identity theft and credit card fraud.

The vulnerability allows malicious coders to create web sites that look exactly like a legitimate site, like a credit card company or online merchant and ‘spoof’ the web address so that when the user looks in the address section of IE, it will appear as if they are at that company’s site.

Everything from the https:// to the little yellow padlock at the bottom of the ‘secure’ page can appear complete with the ‘spoofed’ companies web address or URL (Universal Resource Locator) in the proper places.

This means that you can no longer trust what you see in the address bar, especially if you are clicking on a link from an e-mail message or from another web site The possibilities are endless and very dangerous for the less technical Internet going public.

You can test your browser for this vulnerability by going to www.secunia.com.

The problem was discovered by someone the goes by the alias ‘Zap the Dingbat’ that posted the alert on a security mailing list, which did not give Microsoft an opportunity to create a fix for the problem before it was made public.

As a courtesy, most security companies will give software vendors some lead-time with newly discovered vulnerability so that the company can come up with a fix before the problem is made public.

As of this writing, Microsoft has yet to release a patch for the problem, however, an open source project that is located at Openwares.org has posted a patch for the problem.

Because of this latest method of tricking users into divulging personal and financial information, it is important that you do not click on any links in e-mail that supposedly came from your bank, Ebay, PayPal, Amazon.com or any online merchant or financial institution.

If you receive what you think is a legitimate e-mail message from one of your financial or merchant websites, do not click on any link in the e-mail, especially if it is asking you to update your information.

Always go to the companies website manually by opening your browser yourself and typing in the actual address for the company If the information sent in the e-mail is legitimate, then you should be able to access it through the companies website when you sign-in or login to your account.

If you want a more technical approach to detecting spoofed addresses and links, I have posted Microsoft’s recommendations at www.datadoctors.com/redir.cfm/spoof.

Need Help with this Issue?

We help people with technology! It's what we do.
Schedule an Appointment with a location for help!

Author

Posted by Ken of Data Doctors on December 24, 2003