OWA Fishing attack

Submitted by Kai on Mon, 2007-12-10 11:00.

I just love Gnucitizen - this time Adrian Pastor explains how to use an Outlook Web Access design flaw to create a phishing attack.

The post is a bit technical, but it gives you a very good idea of just how easy it is to fool your OWA users to give up their user names / passwords to a hacker.

The scary bit is that Adrian told Microsoft about this a couple of years ago - but since this is a design feature and not a bug, Microsoft is not changing it.

So if you are running OWA - make sure to take precautions!

Kai's blog

Post new comment

Navigation

Recent comments

Was called by Premier just a few mins ago
3 days 21 hours ago
Nice flight
4 days 6 hours ago
Anyone who has traveled will
6 days 11 hours ago
These tips are very
1 week 3 days ago
Your tips and suggestions
1 week 3 days ago
ISO
2 weeks 18 hours ago
Keep me updated!
2 weeks 21 hours ago
And the winner is....
3 weeks 1 day ago
Thanks for your Overview
4 weeks 1 day ago
of coursi will help you im
4 weeks 3 days ago

Recent blog posts

Bookmark/Search this post

The blogger is Kai Roer, a European Information security professional.

Lijit

Resources

www.isc2.org

Kai's training blog

Archive

Search icon Explore Security Bloggers Network (a FeedBurner Network)

Blog Network:

Name:
Roer.com information security blog

Topics:
security, technology, management

Join my network