[quote=Ephemeral]Actually iframe is much more dangerous because it can overlay a page. You can see
http://www.friendster.com on the address bar but the content isn't Friendster. What happens if the iframe is a fake login page?
You trust the url
http://www.friendster.com but the iframe fake login overlaps the real page. It makes you trust the page even if the content is fake. The web forgery alert won't trigger and poof! It leads to higher hack possibility[/quote]
Wow that is even more scary that just a simple worm that is easy to remove from our profiles