An easily remedied Web site loophole may be leaving banks and other companies that do business online more susceptible to phishing attacks, according to Netcraft.Online criminals are increasingly using cross-site scripting flaws to inject their own code into legitimate Web page URLs, the network security services company said in a note posted on its site Monday. With these sites, the attackers can try to dupe unsuspecting consumers into falling for phishing scams.
=>
http://news.com.com/A+phishing+wolf+in+sheeps+clothing/2100-7349_3-5616419.html?tag=alert for more info