URL-spoofing bug in Apple's Safari could enable hard to detect phishing attacks<article>
<section class="page">
<p>The latest versions of Safari for Mac OS X and iOS are vulnerable to a URL-spoofing exploit that could allow hackers to launch credible phishing attacks.</p><p>The issue was discovered by security researcher David Leo, who published
a proof-of-concept exploit for it. Leo’s demonstration consists of a Web page hosted on his domain that, when opened in Safari, causes the browser to display dailymail.co.uk in the address bar.</p><p>The ability to control the URL shown by the browser can, for example, be used to easily convince users that they are on a bank’s website when they are actually on a phishing page designed to steal their financial information.</p><p class="jumpTag"><a href="/article/2924212/urlspoofing-bug-in-safari-could-enable-phishing-attacks.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article>
Source:
URL-spoofing bug in Apple's Safari could enable hard to detect phishing attacks