Trade publications this morning are warning of Microsoft's latest perfect holiday gift for scammers. Security researchers have uncovered a spoofing flaw in Internet Explorer that could allow a scammer to display a fake Web site with all the attributes of a genuine, secure site, including the URL and the icon indicating SSL security. The only difference is that the unwitting user is on the scammer's Web site, probably hosted in some third-world country. The scammer then can collect data from that person. Hopefully this will not be you.
Details can be found on eWeek's web site and probably a few dozen other online news sites.
Please note that this affects only Microsoft Internet Explorer. Anyone using Firefox, Netscape, Opera, or Safari web browsers will not be victimized by this scam since those web browsers do not contain this Microsoft bug. If you are making any online purchases, conducting bank-by-mail, or performing any other sensitive transactions, make sure that you use one of the safer web browsers.
