Chrome and Firefox Phishing Attack Uses Domains Identical to Known Safe Sites

Wordfence ^ | April 14, 2017 | Mark Maunder

[JayGalt]

At the top of your screen is the open space where you type in the internet address you want to go to. That is the location bar. Right now mine says: wwwfreerepublic.com/perl/post?id.....
You just put your curson in that box & type the config comand and press enter. You will get a warning that any changes you make will affect foxfire etc.

Accept that, search for the puny term as specified in the article. Click on the line containing the term, in the column that says false, and false will change to true.

Exit by closing the window & check the article to see if the fix worked. There is a link to their false website in a later paragraph in the article and it will show the strange characters instead of the original website name if you were successful.

[DJ Frisat]

"I have an Samsung “S7 Edge” running Android v7 (Nutmeg)."

You're pulling our legs, aren't you? Or did you write this version, yourself?

[hsmomx3]

Hmm...the update was issued today, version 52.0.2 for FF. I followed the instructions per the article above and did not see any such thing about parameters.

[newfreep]

“Nutmeg” should be “Nougat”

Clearly, too much cocaine today but at least the “N” was correct

[ken in texas]

I followed the instructions per the article above and did not see any such thing about parameters.

What "such thing" did you not see? I just downloaded Firefox 52.0.2 and the parameter network.IDN_show_punycode is there.

[Dacula]

bookmark

[DJ Frisat]

LOL — cocaine starts with C, not N...

At any rate, I’m sticking with NarshNallow on my phone!

(was just joshing you, hope you know...)

[Tolerance Sucks Rocks]

Just type it where you would normally type a URL.

[glock rocks]

bkmk

[dayglored]

Phishing Attack warning ... PING!

You can find all the Windows Ping list threads with FR search: just search on keyword "windowspinglist".

Thanks to Tolerance Sucks Rocks for the ping!!

[granite]

This is what shows in the address bar:

https://www.xn--e1awd7f.com/

[caww]

well I found it listed but there’s no way to change it from false to true.

[Tolerance Sucks Rocks]

Double-click on “false.” It should become “true.” That’s what I had to do.

[Tolerance Sucks Rocks]

That means you have apparently succeeded.

[MEG33]

FYI

And all Chrome And Firefox users

[caww]

Ok..will try that..thanks.

[caww]

Ok...got it! Thanks again so much!

[luvie]

Thanks! Hope none of us gets phished!

[MEG33]

Amen!

[Cementjungle]

Thanks for posting this. That’s a very clever phishing trick... I’ve fixed my browsers and more importantly, my wife’s browsers.