
Re: Identity Theft



Jeremy Ardley <jeremy@ardley.org> writes:

> On 21/12/21 9:59 am, rhkramer@gmail.com wrote:
>> On Monday, December 20, 2021 02:28:13 PM Brian wrote:
>>> On Mon 20 Dec 2021 at 10:32:31 -0500, rhkramer@gmail.com wrote:
>>>> My identity has been stolen, and although it has nothing to do with
>>> [...]
>>>
>>> May we know the URL of the financial website you contacted and the
>>> help number you phoned.
>> The website is troweprice.com, and the phone number is 855/654-5324.
>>
>> It looks like I didn't record the actual URL that I was on, but I don't think
>> you could see that exact page in any case as it was an https page and one that
>> showed my account numbers and balances.
>>
>
> There is a type of attack called cross-site scripting (XSS). It's
> mostly been eliminated by latest version browsers, but there are
> always zero-day vulnerabilities.
>
> The effect is that if you are vulnerable and have two tabs open, one
> to the legitimate site, and one to a bad guy site, the bad guy can
> alter your trusted site and for instance change a valid link into
> something malicious, or change a displayed phone number.
>
> More at https://owasp.org/www-community/attacks/xss/

That doesn't explain how the phone log showed the correct number had
been dialled. I suppose it is possible a call was in progress or came in
at the exact moment that the number was dialled. But then how did the
number get logged as a call?

