Easy IE exploit

Hehe, I just heard this from a friend.

Internet Explorer has an Phishing filter.
So if you visit a flagged website IE will tell you that that website is a fraudulent/phishing website.

How do these websites get added to the database?
People submit it.

A group of people (approx 20-30 people) have all reported the website of Natwest (the bank) as a phishing website (everyone can do that, check your IE toolbar).
And their website got flagged! (probably fixed by now)

Now this is a easy exploit. Just ask all your friends to click the report button on the website of your concurrents and boom!

I am not telling you to do this! I thought I'd share this with you so we can have a discussion, read other peoples opinion on this matter!

 

yeah i saw some dude with a macro that reported random sites.

Anyhow I think its getting into a serious problem..

 

Exactly, people can get the phishing flag even though they are not fraudaulent.

 

Microsoft FTL. At least Google's is automated. Same concept but in reverse.

 

there will always be loophole for anything

 

Why did natwest get flaged?

 

as a jokeim guessing

 

he means that any group of people of 20 members can flag any website though it is any popular one i guess

 

cools lets all pop over to webmasterworld and flag it, JOKE

 

indeed, just a few people is enough.

 

I'm sure good common people would report abuse on this.