Pages:     | 1 |   ...   | 5 | 6 ||

Phishers were also able to use real https: links to convince visitors to believe that the site was secure by compromising the Web sites of legitimate businesses that supported Secure Sockets Layer (SSL) encryption, which meant that browsers would present a secure padlock symbol.

The HTML belowshows thehttps: link used a valid SSL certificate for a hosting company.

The client of thehosting company had been compromised and was being used to host the secure phishingsite.

< a href="https ://my.s ec ure-ss l.net/[redux].net.mx /[bank ].c o.uk/1.php js ess ionid= CAM 10:js ess ionid=0000RcSV T4vY F7HNB 8As ppR8HRo:11j71fovqIDV _URL= [redux ].My[redux]_pib" > https://www.[bank ].c o.uk< /a> An example of a phishing attack using a compromised SSL Web site Another botnet, ASPROX, was almost exclusively designed for conducting phishing attacks. When ASPROX first appeared it was principally a phishing Trojan, however, subsequent advances have transformed it into a botnet capable of infecting vulnerable Web sites using SQL injection attacks. It was written in ASP (Active Server Pages) and automatically generates HTTP GET requests used to connect to vulnerable Web sites database servers.

This enables ASPROX to inject malicious JavaScript code into key tables within the database that will cause subsequent visitors to that site to also become infected. The JavaScript, contained within hidden HTML