The Trouble With Password Entry Pads...

The problem with password entry pads is this:

Gee, do you think my password has any 2's in it? How about 9's?

I've had my digital token card for nearly ten years now. Amazingly, I've never had to change the battery. Anyway, while having token cards is an important part of security, this Slashdot story shows that even these schemes are becoming targets for phishing scams.

Comments:

"The phishers employ a man-in-the-middle attack against the victim and Citibank to log in via php and conduct money transfers immediately when logged in." The scary part of this is that there's no need for human interception on the part of the phisher (I'm no phishing expert, so this might very well be the norm). It's just a script, meaning one single person can cause a lot of damage. Still, I haven't received one single phishing message that hasn't looked suspicious in some way. Checking the URL to the site is the best way to be sure.

Posted by Anders Borg on July 15, 2006 at 02:53 AM PDT #

Post a Comment:
Comments are closed for this entry.
About

Tor Norbye

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today