November 30, 2010
Are you sure you're actually visiting your bank’s website when using mobile Safari? Or could it be you’ve been phished? One IT professional has concluded that the current iOS makes it very easy for troublemakers to create phishing sites that look like the real deal. The result could cause concern for mobile web surfers using “secure” sites to make purchases or initiate banking transactions using the iPhone/iPod touch or iPad. According to German-based ifun, security expert Nitesh Dhanjani has uncovered a simple trick, which allows developers to place a fake address bar near the top of a mobile web page. As such, inexperienced visitors might be giving their personal information to the wrong organization.
"I did contact Apple about this issue and they let me know they are aware of the implications but do not know when and how they will address the issue."Here is a short video:
Our advice to readers: When visiting a website, be sure to type out the site's complete address in the address bar at the top. Once the site is rendered, check that address bar again. Be sure you are still on the correct site.