[Michael]

Although IE8 passed the browser security test with flying colours (hmm) (results here), it did not catch that one below.

Also, should you trust your address bar? No!

Start with a hijacked Hosts file (incidentally it came from the malware described in the previous post):



Browse to www.bancodabrasil.com.br



However, look at what is under the hood:



Yes, it's a big cover up and the site is in reality hosted on 209.51.152.42. That means if you log in to this 'banking' website, you are giving away your information (and possibly money) to criminals.

How does IE8 protect you?



"Check the address to make sure it is a site you trust."

OK, let's do that:



Looks pretty legit to me?????

Phishing scams are very sophisticated and the whole thing is fairly simple: You browse to a site that has an exploit, it modifies your hosts file. Then you go to do some banking and all your money is belonged to the bad guys!

Watch what happened behind the scene:



Does that make you feel like doing online banking anymore? It certainly gives me cold shivers.

Jerome Segura