IE phishing scam exploit unearthed
Security researchers have discovered a way for scam artists to disguise more effectively the location of bogus Web sites.
A flaw in IE displays URLs in the address bar takes the old trick of fooling users into visiting dodgy sites to the next level.
The true destination of scam email is commonly disguised by fraudsters using misleading URLs of the form email@example.com.
As explained here, the weird looking address takes advantage of the fact that anything between "http://" and "@" will be ignored in directing potential victims to scam sites.
[ Read more ]