Intrusion Prevention

MS.IE.Wamu.Phishing

Description

This indicates a possible exploit of a known spoof of Washington Mutual Inc.'s URL because of phishing activity.
Phishing is the act of attracting a victim to a bogus web site to carry out malicious activity, such as stealing the victim's identity. A phishing scammer will direct victims to a bogus website by showing the victim legitimate information, such as a bank web link, which conceals a malicious web link. This log message indicates a possibility that phishing scammers attracted a victim to a bogus website, showing the Washington Bank web link in the address bar, and tried to steal the victim's personal bank information. This activity will execute a malicious script, to hide the bogus web link, by showing the bank web link in the address bar to make the victim believe that he is actually working on bank web site. This can only be avoided by disabling Javascript in the browser, but most websites require this feature to display their web pages.

Affected Products

Microsoft Internet Explorer with Java script enabled.

Impact

Information disclosure.

Recommended Actions

Avoid accessing suspecious web links and refer Microsoft web page for further information for avoiding phishing. http://www.microsoft.com/athome/security/email/phishingemail.mspx