Slashdot Mirror


Microsoft Advises to Type in URLs Rather than Click

spacehug writes "In a recent Microsoft Knowledge Base article, they provide 'Steps that you can take to help identify and to help protect yourself from deceptive (spoofed) Web sites and malicious hyperlinks.' These steps include always using SSL/TLS, typing 'JScript commands' in the address bar, and typing in URLs instead of clicking links! I have a suggestion that's not in the Knowledge Base: don't use IE!"

2 of 984 comments (clear)

  1. Don't use IE? by tacocat · · Score: 1, Redundant

    I'm not great lover of Microsoft products, except for their mouse, but the idea of not using IE probably won't do much in regard to web site spoofs like this. Unless you have some specifics where the exploit will only affect a MSIE product then you probably need a retraction for your own credibility.

    These typically show up as something where the href tag is entirely evil, but the anchor tags are wrapped around a statement like http://www.yourbank.com. My experience has been that these are seen in email spam, but I've never seen this on a web page. I found a very well done one for paypal last week. It was pretty impressive because most of the links on the web mail form were legitimate.

    Of course, if everything only sent ASCII email we wouldn't have this problem would we?

  2. Comment removed by account_deleted · · Score: 1, Redundant

    Comment removed based on user account deletion