Fwd: [cap-talk] A new type of phishing attack



Sent from my iPhone

Begin forwarded message:

From: Sandro Magi <smagi@higherlogics.net>
Date: September 12, 2014 at 9:33:18 EDT
To: "General discussions concerning capability systems." <cap-talk@mail.eros-os.org>
Subject: [cap-talk] A new type of phishing attack
Reply-To: "General discussions concerning capability systems." <cap-talk@mail.eros-os.org>

Interesting new phishing idea:

http://www.azarask.in/blog/post/a-new-type-of-phishing-attack/

Basically exploiting a typical user's workflow where they have multiple tabs open. This highlights the real need for a functional petname system.

As a trivial countermeasure, I wonder if it's really necessary for JavaScript to run on inactive tabs.

Sandro

_______________________________________________
cap-talk mailing list
cap-talk@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/cap-talk
Ken is an Independent Consultant in South Florida for secure cloud-based software and mobile access software. Graduated in the UK, developed the first Capability-Based Computers (PP-250), became a Charted Engineer, and awarded a Fellowship of the IEE (London). Partnered on a dozen patents developing Object Engineering fundamentals while working in UK, USA, Germany, and Belgium. Invitation speaker at conferences on Operating Systems and Communications.

Comments

Post a Comment