MyBB Community Forums

MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Security Management and Support > Phishing Website - Possible Cookie Theft?
Full Version: Phishing Website - Possible Cookie Theft?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

Jabberwock

2014-07-13, 11:48 AM
It has come to my attention that there is an impostor website linking to my website through a frame tag.

For example, blabla.XXX which is the imposter site will link to my legitimate blabla.YYY site.
And a GET data is extended with ?referrer=NUM.
Now I obviously undertand that they want to get many referrals, because I provide rewards for referrers.
BUT they also have a javascript with Google Analytics? It seems...

Question is, will they be able to obtain the cookies from the child frame?

StefanT

2014-07-13, 12:44 PM
(2014-07-13, 11:48 AM)Jabberwock Wrote: [ -> ]Question is, will they be able to obtain the cookies from the child frame?
No.

You can prevent your website from being embedded in a frame: https://en.wikipedia.org/wiki/Clickjacking#Prevention

VoIP

2014-07-13, 02:45 PM
(2014-07-13, 12:44 PM)StefanT Wrote: [ -> ]
(2014-07-13, 11:48 AM)Jabberwock Wrote: [ -> ]Question is, will they be able to obtain the cookies from the child frame?
No.

You can prevent your website from being embedded in a frame: https://en.wikipedia.org/wiki/Clickjacking#Prevention

As Stefan said their are couple of ways to block it.

One of them being Noscript(Client Side) and the other being Noframe(server side)

Goodluck Op.

Jabberwock

2014-07-14, 12:37 PM
I took the server side route, it's working great.

Dannymh

2014-07-14, 12:49 PM
Jabberwock,

how did you identify that someone was doing this?

VoIP

2014-07-14, 02:06 PM
(2014-07-14, 12:49 PM)Dannymh Wrote: [ -> ]Jabberwock,

how did you identify that someone was doing this?

I think he's saying a parameter was holding it.

?refer=script here.
MyBB Community Forums > Community Archive > Archived Forums > Archived Development and Support > MyBB 1.6 > 1.6 Security Management and Support > Phishing Website - Possible Cookie Theft?