On 21/12/21 9:59 am, rhkramer@gmail.com wrote:
> On Monday, December 20, 2021 02:28:13 PM Brian wrote:
>> On Mon 20 Dec 2021 at 10:32:31 -0500, rhkramer@gmail.com wrote:
>>> My identity has been stolen, and although it has nothing to do with
>>> [...]
>> May we know the URL of the financial website you contacted and the
>> help number you phoned.
> The website is troweprice.com, and the phone number is 855/654-5324.
> It looks like I didn't record the actual URL that I was on, but I don't think
> you could see that exact page in any case as it was an https page and one that
> showed my account numbers and balances.

There is a type of attack called cross-site scripting (XSS). It's
mostly been eliminated by the latest browser versions, but there are
always zero-day vulnerabilities.

The effect is that if you are vulnerable and have two tabs open, one
to the legitimate site, and one to a bad guy site, the bad guy can
alter your trusted site and, for instance, change a valid link into
something malicious, or change a displayed phone number.

More at https://owasp.org/www-community/attacks/xss/
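
On the site's side, the defence against the kind of page tampering described above is to encode untrusted input before writing it into the HTML. The sketch below is an added example, not part of the original message; the help page, the function names and the phone numbers are all constructed for illustration.

```javascript
// Added example: output encoding as the site-side defence against XSS.
// renderHelpPageUnsafe, renderHelpPageSafe and SUPPORT_NUMBER are hypothetical.

const SUPPORT_NUMBER = "555-0100"; // constructed placeholder number

// Encode the five characters that let text break out of an HTML text node
// or a quoted attribute value.
function escapeHtml(value) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Vulnerable: the visitor-controlled name is concatenated straight into the
// markup, so any tags it contains become part of the trusted page.
function renderHelpPageUnsafe(name) {
  return `<p>Welcome, ${name}</p><p id="help">Call ${SUPPORT_NUMBER}</p>`;
}

// Hardened: the same page, with the name encoded so it can only ever be text.
function renderHelpPageSafe(name) {
  return `<p>Welcome, ${escapeHtml(name)}</p><p id="help">Call ${SUPPORT_NUMBER}</p>`;
}

// Crude check for review or tests: how many opening tags would a browser
// parse out of this output? The page itself contributes exactly two.
function countOpeningTags(html) {
  return (html.match(/<[a-zA-Z][^>]*>/g) || []).length;
}

// Constructed input: markup that tries to rewrite the displayed help number.
const injected =
  '<script>document.getElementById("help").textContent="Call 555-0199"</script>';

function demo() {
  return {
    unsafeTags: countOpeningTags(renderHelpPageUnsafe(injected)), // extra <script>
    safeTags: countOpeningTags(renderHelpPageSafe(injected)),     // page's own tags only
    safeHtml: renderHelpPageSafe(injected),
  };
}

console.log(demo());
```

In the hardened output the injected text is displayed literally as part of the greeting and the help number element is left untouched.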