
Re: Identity Theft




On 21/12/21 9:59 am, rhkramer@gmail.com wrote:
> On Monday, December 20, 2021 02:28:13 PM Brian wrote:
>> On Mon 20 Dec 2021 at 10:32:31 -0500, rhkramer@gmail.com wrote:
>>> My identity has been stolen, and although it has nothing to do with
>>> [...]
>>
>> May we know the URL of the financial website you contacted and the
>> help number you phoned.
> The website is troweprice.com, and the phone number is 855/654-5324.
>
> It looks like I didn't record the actual URL that I was on, but I don't think
> you could see that exact page in any case as it was an https page and one that
> showed my account numbers and balances.


There is a type of attack called cross-site scripting (XSS). It's mostly been eliminated by latest version browsers, but there are always zero-day vulnerabilities.

The effect is that if you are vulnerable and have two tabs open, one to the legitimate site, and one to a bad guy site, the bad guy can alter your trusted site and for instance change a valid link into something malicious, or change a displayed phone number.

More at https://owasp.org/www-community/attacks/xss/

--
Jeremy
