Impressive phishing attack

Security by on February 13, 2006 at 9:32 pm

Done by an organization with an SSL certificate issued to mountain-america (different from mountain america credit union).

http://isc.sans.org/diary.php?storyid=1118

Tons of issues that the industry hasn’t even begun to address. When will banks and credit card companies realize that users will always be duped.

Authentication is the bank’s responsibility, and needs to be done at the bank login. They must start with the expectation that every user has given their password away. Several interesting companies helping banks fight this:

http://www.guardiananalytics.com
http://www.41stparameter.com

Related Posts

1 Comment

  1. Users are the weakest link - Naffziger’s Net — May 15, 2007 @ 10:24 pm

    […] is a favorite topic of mine (1, 2). Great article on the efficacy of the user toolbar to flag phishing sites: […]

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 2.5 License. | Dave Naffziger's BlogDave & Iva Naffziger