User Profile
laj
Network Novice
Joined 3 years ago
User Widgets
Contributions
Re: Beware: Login Hijack using misspelled URL
This is about URL’s brought and owned by bad actors. Representing accidentally misspelled addresses of know websites from which they might use malicious exploits for monetary benefit. NOT BROWSERS. Perhaps you need to need to enhance your understanding of domain name services (DNS). The list of internet website addresses are not stored in your browser. Excluding temporary use and caches..of course. To put it in lamen’s terms. DNS is the phone book of the internet. It takes the URL and matches it up with a IP address to which a request can be routed. The addresses tmobile.com and t-mobile.com are owned by TMobile. Companies don’t always buy up alternative top level domains and unintentional misspellings. Most do provide a channel to communicate any exploits that might be used to attack their customers. One technique you can employ, is to only use browsers that allow plugins allowing javascript to be turned off. Which will disable a lot of the dynamic code in the page that can do harm. Security tools are only as good as the latest list of bad actors. To many people panic and follow along with the bad actors instructions because they think they have too. Perhaps I should have said “another less secure browser”. I my opinion the gecko (firefox) browser engine is more secure than blink, or webkit.25Views0likes0CommentsBeware: Login Hijack using misspelled URL
While attempting to login the URL was misspelled. tmoblile.com. Https://was used. It immediately forwarded to a malicious page with audio claiming my computer had been taken over. The URL changed to:xxxjn6g3w. z13.web. core.windows. net/#. Unfortunately, since Tmoblile insists on requiring Edge, or another insecure browser that I don’t use. This paste cannot be unlinked, but some spaces have been added. It appears the MBA’s have miscalculated when removing communications options where security issues can be reported.91Views0likes2CommentsPrivate/Incognito not supported message - faulty
While attempting to pay my bill a “Firefox incognito mode is no longer supported page appeared”. My First impression was that incognito mode was not used and found to be true upon investigation. Yet the message continues to appear even when a standard window is used in windows 10. However, this issue turned out to be more flawed than initially thought. When Firefox is used in Linux no such message appears at all. Even worse how does TMobile hope to contend with modern firewalls that may shut off CDN networks that are found to be dealing in malicious content. Perhaps marketing should rethink this. Often these scripts attempting to force openness are misinterpreting privacy settings. Besides its safer to allow privacy anyway.466Views0likes3Comments