Monday, August 22, 2005
Beware of Clipboard Script Attacks!

Got this email - this is really useful information:

------------------------------------------------------------------------

Careful!!!!! Do not have anything in clipboard when you surf web sites whose authenticity you are not sure about!!!!

This is amazing!!
Just follow these steps here to beleive it yourself :- > >
1) Copy any text > >
2) Click the Link:  http://www.friendlycanadian.com/applications/clipboard.htm
3) You will be able to see the text you copied on the Screen.
NOTE: If you are using to save PASSWORDS / Cr. Card#s / IMP Info in clip-board, Read carefully...
Do not keep sensitive data in the clipboard while surfing the web. It is a single line code to extract the text stored in the clipboard. Just look at the following site, it demonstrates how easy it is to steal your sensitive information. Select some text from this mail and Hit Ctrl+C and then check the link. Click the Link: http://www.friendlycanadian.com/applications/clipboard.htm

Right Click on the Web Page and Click "View Source" to see one line source code of the same. The following is supposed to prevent it:

A work-around for users using Internet Explorer 5.0, is to disable or set-to-prompt the option of "Allow paste operation via script", which is accessible through | Tools \ Internet Options \ Security \ Internet > security zone \ Custom Level \ Scripting \ Allow paste operations via script >

------------------------------------------------------------------------------

posted on Monday, August 22, 2005 10:45:20 PM (India Standard Time, UTC+05:30)  #    Comments [0] Trackback
Related posts:
Microsoft!
Smart Client Development using Visual Studio 2008 and .NET 3.5
Project Shutter
The big Silverlight announcement!
What would you like to see?
Silverlight

Page rendered at Friday, December 05, 2008 1:53:36 AM (India Standard Time, UTC+05:30)