Follow Slashdot stories on Twitter

 


Forgot your password?
Close
typodupeerror
×
Security

Boarding Pass Hacker Targets Bank of America 160

Posted by kdawson from the augmented-man-in-the-middle dept.
Concerned Customer writes "The fake boarding pass guy is at it again. His blog shows a demonstration phishing website that is able to bypass the SiteKey authentication system used by Bank of America, Fidelity, and Yahoo. Users will be shown their security image, even though they're not visiting the authentic websites." This hack compounds the study showing that users don't pay attention to the SiteKey pictures anyway.
This discussion has been archived. No new comments can be posted.

Boarding Pass Hacker Targets Bank of America More

Boarding Pass Hacker Targets Bank of America

Comments Filter:

  • Picture? (Score:2, Funny)

    by extern_void ( 1041264 ) on Thursday April 12, 2007 @11:59AM (#18703217)
    users don't pay attention to the SiteKey pictures
    Picture? what picture?

  • Re:Good for him! (Score:5, Funny)

    by jimstapleton ( 999106 ) on Thursday April 12, 2007 @12:22PM (#18703621) Journal
    If he keeps it up, he'll start to know the agents...

    *hears a knock on the door, and answers*
    Him: "Ahh, Agent Doe! Nice to see you! They sent you out for this one huh? Your standard crew."
    AS: "Yep."
    Him: "Can I interest you in some coffee, tea or a soda-pop while they are working?"
    AS: "Sure, I'll have some coffee"
    *He gets the coffee ready as the other agents go to his computer*
    Him: "Sit down, sit down! Here's your coffee"
    AS: "Thanks. So, everything's going well I take it?"
    Him: "Yeah, I'd ask if you heard about my latest trick, but that's probably why you are here."
    AS: "Yes, it is."
    Him: "So, how's the wife and kids?"
    AS: "Not bad. Jane is in basketball now."
    Him: "Middle school"
    AS: "College"
    Him: "Really? I can't believe it's been that long. It seems like just yesterday you were telling me about her being born!"
    *more idle chatter, eventually several black suits come down carrying computer equipment.*
    AS: "Well, it was nice chatting with you again."
    Him: "Likewise. See you next week, same time?"
    AS: "Sure, what do you have planned now?"
    Him: "C'mon, and spoil the surprise?"
    AS: "Alright, see you next week."

  • I Can't .. stop .. myself (Score:4, Funny)

    by slashbob22 ( 918040 ) on Thursday April 12, 2007 @01:05PM (#18704411)

    Rather, I think the insightful thing to say here is that you don't gain security by adding arbitrary hoops for your consumers to jump through, but by implementing a real authentication protocol.
    You are coming to a sad realization, Cancel or Allow?

  • Re:Bank of America?!? (Score:3, Funny)

    by illegalcortex ( 1007791 ) on Thursday April 12, 2007 @01:21PM (#18704681)
    You used to live at BANK OF AMERICA? Now that's customer service.

  • Re:Crux (Score:3, Funny)

    by mypalmike ( 454265 ) on Thursday April 12, 2007 @02:22PM (#18705721) Homepage
    C:\> vi C:\windows\system32\drivers\etc\hosts
    vi: command not found. ;)

  • BofA (Score:2, Funny)

    by crhylove ( 205956 ) <rhy@leperkhanz.com> on Thursday April 12, 2007 @06:28PM (#18710183) Homepage Journal
    Well, I was at BofA yesterday, and noticed they are using Windows machines. In my mind that means that none of the $23.62 that I have in the bank is at all secure. I'm losing sleep tonight!

    The sad irony is that my teller CLAIMED that they use the same computer security as the FBI and the CIA. My response was, "No WONDER we're losing the war!"

    rhY

Slashdot Top Deals

"What man has done, man can aspire to do." -- Jerry Pournelle, about space flight

Close