Originally posted by: Lifted
Had to email my ISP about this. They emailed me back within an hour stating the DNS server was patched. So much for testing. :roll:
Anyway, maybe somebody could think this through a bit better than I can...
If a record was successfully poisoned, is there any way for the false site to use SSL without any warning dialogs popping up in the browser (assuming they haven't been disabled)?
If the phishing site is hosted at 123.123.123.123 and has people thinking they are at www.mybank.com, and they use SSL so as not to make people suspicious and keep the scam going longer, all browsers will display a warning that the domain in the SSL cert (gimmieyourbankaccount.com) is not the same site as the domain in the browser (mybank.com).
Is there any way for them to get around this? If SSL is still safe then those who are aware enough to check that they are using a secure connection before logging in anywhere should still be safe.
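
The name check described in the post, as an added example that is not part of the original post: a simplified model of the comparison a TLS client makes between the hostname the user requested and the DNS names in the certificate it is served. The certificate name lists, the address 203.0.113.10 and all function names are constructed for illustration; a real client also validates the certificate chain against its trusted CAs, which is not modelled here.

```python
# Added illustration: simplified hostname check of a TLS client.
# All certificate data and the 203.0.113.10 address are constructed samples.

def name_matches(pattern: str, hostname: str) -> bool:
    """Compare one certificate DNS name with the requested hostname.
    Simplified RFC 6125 rules: case-insensitive; a wildcard is accepted only
    as the whole left-most label and stands for exactly one label."""
    p = pattern.lower().rstrip(".").split(".")
    h = hostname.lower().rstrip(".").split(".")
    if len(p) != len(h) or "" in p or "" in h:
        return False
    if p[0] == "*":
        # Refuse wildcards directly under a top-level label, e.g. "*.com".
        return len(p) >= 3 and p[1:] == h[1:]
    return p == h


def verify_hostname(cert_dns_names, requested_host):
    """Return (ok, reason). Only the requested name is compared; the IP
    address that DNS handed back plays no part in the check."""
    for name in cert_dns_names:
        if name_matches(name, requested_host):
            return True, f"{name!r} covers {requested_host!r}"
    return False, f"{list(cert_dns_names)} does not cover {requested_host!r}"


def connect(resolver, certs_by_ip, requested_host):
    """Resolve the name, take the certificate names served at that address,
    and check them against the name the user asked for."""
    ip = resolver[requested_host]
    return ip, verify_hostname(certs_by_ip[ip], requested_host)


# Constructed sample data: names each server presents in its certificate.
CERTS = {
    "203.0.113.10": ["www.mybank.com", "mybank.com"],   # assumed real site
    "123.123.123.123": ["gimmieyourbankaccount.com"],   # site from the post
}
HONEST_DNS = {"www.mybank.com": "203.0.113.10"}
POISONED_DNS = {"www.mybank.com": "123.123.123.123"}

if __name__ == "__main__":
    for label, dns in (("honest", HONEST_DNS), ("poisoned", POISONED_DNS)):
        ip, (ok, reason) = connect(dns, CERTS, "www.mybank.com")
        print(f"{label:9} -> {ip:16} {'OK' if ok else 'WARNING'}: {reason}")
```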