2006-04-07
Explaining the real risk of Phising...
It seems that most security specialists does not quit understand the impact of Phising attacks on web sites. Many times the security "experts" will try to sell something like VISA 3D Secure, but they do not realize that all the effort in the world could make all of it semi useless with a properly planned Phising attack.
To proof the point, please read the following interesting web articles:
* Netcraft article
* Secunia advisory, with proof of concept (IE browsers only)
Personally I belief there should be a lot more emphasis on teaching people how to read the SSL certificate information of their Bank's web site.
Should make you wonder...
To proof the point, please read the following interesting web articles:
* Netcraft article
* Secunia advisory, with proof of concept (IE browsers only)
Personally I belief there should be a lot more emphasis on teaching people how to read the SSL certificate information of their Bank's web site.
Should make you wonder...
