Research In Motion (RIM), creator of the BlackBerry line, has reported a vulnerability which may expose some users to attack by “phishing” hackers. The report indicates that the flaw could allow a hacker to mislead a BlackBerry owner into visiting a malicious website. BlackBerry users caught by the scheme would find themselves at what might appear to be a legitimate site, but is in fact designed to capture visitor data for malicious purposes.

The phishing link, typically forwarded in emails or IMs, imitates a legitimate BlackBerry website, but contains hidden characters. The browser dialog box informs the user when there is a mismatch between the domain name of the target site and the one indicated in the associated certificate, but it does not make clear that the mismatch is due to hidden characters in the site domain. That is, the site domain and the certificate appear to match because the software does not display the hidden characters. If you see a pop-up reporting such a mismatch, you should select “Close connection” in order to eliminate exposure of your data, unless you know exactly what you’re doing (or you’re feeling lucky).
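The check below is an added example, not code from RIM or from the original article: it shows how a mismatch dialog or mail filter could make the hidden characters described above visible instead of silently dropping them. It assumes "hidden" means Unicode control and format characters; the function names and the sample host names are constructed for illustration.

```python
import unicodedata

# Assumption: "hidden" = Unicode control (Cc) and format (Cf) characters,
# which most renderers draw as nothing (NUL, zero-width space, soft hyphen).
HIDDEN = {"Cc", "Cf"}

def is_hidden(ch):
    return unicodedata.category(ch) in HIDDEN

def hidden_chars(name):
    """List (index, code point) of every hidden character in a host name."""
    return [(i, f"U+{ord(c):04X}") for i, c in enumerate(name) if is_hidden(c)]

def as_displayed(name):
    """What a dialog that drops hidden characters would show."""
    return "".join(c for c in name if not is_hidden(c))

def visible_form(name):
    """Render the name with hidden characters escaped so they can be seen."""
    return "".join(f"<U+{ord(c):04X}>" if is_hidden(c) else c for c in name)

def classify(site_host, cert_name):
    """Compare the site's host name with the certificate's name.

    Returns "match", "plain-mismatch", or "hidden-mismatch" (the names
    differ, yet look identical once hidden characters are dropped).
    """
    site, cert = site_host.lower(), cert_name.lower()
    if site == cert:
        return "match"
    if as_displayed(site) == as_displayed(cert):
        return "hidden-mismatch"
    return "plain-mismatch"

if __name__ == "__main__":
    # Constructed samples: (host from the link, name in the certificate).
    samples = [
        ("www.example.com", "www.example.com"),
        ("www.example\u200b.com", "www.example.com"),
        ("www.example.org", "www.example.com"),
    ]
    for site, cert in samples:
        print(classify(site, cert), visible_form(site), hidden_chars(site))
```

A "hidden-mismatch" result is the case the article describes: the two names are different strings, yet a display that omits the hidden characters shows them as identical.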
