Search



AuthenticationWorld.Com

About

This page contains a single entry from the blog posted on April 10, 2007 8:28 AM.

The previous post in this blog was Transaction authentication.

The next post in this blog is To report or not?.

Many more can be found on the main index page or by looking through the archives.

Subscribe to this blog's feed
[What is this?]

« Transaction authentication | Main | To report or not? »

Strong or different authentication doesn't stop phishing attacks

Brian Kreb's today published a blog "Research Suggests Weakness in Anti-Phishing Technology" that documents how strong or different authentication techniques won't stop phishing attacks. As the researchers show, a man in the middle attack foils the strong authentication.

The researchers efforts have already been done several times in real life with the most recent example being ABN Amro. There one time password was successfully bypassed in a phishing attack.

Guy
www.authenticationworld.com
guy.huntington@authenticationworld.com

As Brian mentions towards the end of his blog "The single most realiable way to protect yourself from falling victim to phishing scams is to never click on links that arrive via e-mail or instant message prompting you to log in to your bank account."

I have developed a free new product that says "Think on it before you click on it". It's a 3 minute training Flash program which can be viewed right at the employee's desktop. To view it click here and go to here for more information.

Posted by Guy Huntington on April 10, 2007 8:28 AM |

TrackBack

TrackBack URL for this entry:
http://www.authenticationworld.com/cgi-bin/blog/mt-tb.cgi/198

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)