, 2006-06-19
Federico Biancuzzi interviews Rachna Dhamija, co-author of the paper "Why Phishing Works" and creator of Dynamic Security Skins. They discuss the human factor, how easy it is to recreate a credible browser window made with images, some new anti-phishing features included in the upcoming version of some popular browsers, and the power of letting a user personalize his interface.
Expand all |
Post comment
"Dear TrustedSite X customer,
A number of our customers have reported that their security image has been compromised. Because your security is of high importance to us, we ask you to visit our web site by clicking on the link below and verify that the security image you see is the correct one. If it is not, you will have to submit your identity information in the presented form on the same web page. Thank you."
Of course it will never be the correct image...
The point is that while Mr. Rachna Dhamija and security profesionals will know how this image-thing works (and in what circumstances it *cannot* be trusted), ordinary people might have a few difficulties figuring all this out.
[ reply ]
Link to this comment: http://www.securityfocus.com/comments/columns/407/33744#33744