iPhish: Phishing Vulnerabilities on Consumer Electronics

12 years 8 months ago
iPhish: Phishing Vulnerabilities on Consumer Electronics
As consumer electronic devices with embedded browsers become popular, financial institutions and online merchants set up websites to accommodate visitors using these devices. These devices range from cell phones to gaming consoles, cars, and even refrigerators. Porting a traditional desktop1 browser to a mobile device is more involved than resizing the display. To adapt to the hardware limitations inherent in mobile devices, mobile browsers often remove or replace certain features commonly found in traditional browsers. Unfortunately, some of these features are critical for depending against phishing attacks. We studied browsers on three mobile devices and discovered vulnerabilities in their input, chrome, and URL display. We conducted a user study to confirm our findings on the iPhone Safari browser, one of the most popular mobile browser platforms. For each potential vulnerability, we were able to construct a phishing scenario to successfully fool users into giving away the credenti...
Yuan Niu, Francis Hsu, Hao Chen
Added 02 Oct 2010
Updated 02 Oct 2010
Type Conference
Year 2008
Where NSDI
Authors Yuan Niu, Francis Hsu, Hao Chen
Comments (0)