Boarding Pass Hacker Targets Bank of America 160
Concerned Customer writes "The fake boarding pass guy is at it again. His blog shows a demonstration phishing website that is able to bypass the SiteKey authentication system used by Bank of America, Fidelity, and Yahoo. Users will be shown their security image, even though they're not visiting the authentic websites." This hack compounds the study showing that users don't pay attention to the SiteKey pictures anyway.
Bank of America?!? (Score:5, Informative)
Here's an example on how B of A does business:
This guy just wanted to check to see if a check was good! [sfgate.com]
You can bet B of A will go after this hacker guy.
original, though? (Score:2, Informative)
Bank of America's security needs improvement (Score:2, Informative)
Re:::sigh:: (Score:2, Informative)
Re:Crux (Score:4, Informative)
vi C:\windows\system32\drivers\etc\hosts
i 192.168.1.100 www.mybank.com
Comment removed (Score:3, Informative)
Maybe I'm ignorant or so (Score:2, Informative)
I live in Belgium and several banks here have switched to a card reader device [vasco.com]
You just have to type in the number of your physical bank account card, then banks site generates a 8 digit passkey.
pop in your bank card, type in the generated passkey, type in your pin code and type in on the site the passkey the little device generates.
Voila... i'm banking... on any pc i want...
every time i make an online banktransfer, i have to repeat the above procedure
My wife hates it... she doesn't like that she has to type over these numbers, but i'm very happy with it.