Phishing & BotNets
RE: SF new article announcement: Two-factor banking Oct 19 2005 01:15PM
Levenglick, Jeff (JLevenglick fhlbatl com)
Seems like this will be the next six month trend. For what it is worth:

1) Tokens have been around for a while already. They are expensive.

2) Like any fancy password system, there are programs out there to hack

them. (Cain and Able)

3) Very easy to Phish. Just call a person and you can get them to give

you the pin and token code the

same as calling a person to ask for their id and password.

The only reason why you do not see more tokens in the public is because

certs have a legal representation and

tokens do not. (ie: You can be held responsible for a transaction with a

cert and not a token)

-----Original Message-----

From: Nick Bilogorskiy [mailto:nick (at) avresearch (dot) net [email concealed]]

Sent: Tuesday, October 18, 2005 06:27 PM

To: phishing (at) securityfocus (dot) com [email concealed]

Subject: Fw: SF new article announcement: Two-factor banking

> The following columnist commentary was published on SecurityFocus



> Two-factor banking

> by Kelly Martin

> 2005-10-18


> Trust in financial institutions is eroding as phishing scams grow

> exponentially; adding two-factor authentication is our only hope.





This e-mail message is private and may contain confidential or

privileged information.

[ reply ]


Privacy Statement
Copyright 2010, SecurityFocus