|
|
|
|
|
|
by blauwbilgorgel
4305 days ago
|
|
|
It is ok. Thank you for submitting an interesting article. This attack vector is very relevant to this day. It works remarkably well on mobile phones, especially with the new trend of hiding the URLs to save screen estate. Together with throwing up a fake website, you could also try throwing up a fake address bar. Also with mobile phones you can emulate a native application. This will show when the phone is re-activated with the browser app on. A redirect to something like a Googleusercontent domain would be tricky, even with a visible URL. The author could also mine the referrer: visitor from HackerNews? Phish the log-in form with a bad gateway message. |
|
|