Slashdot Mirror

← Back to Stories (view on slashdot.org)

Boarding Pass Hacker Targets Bank of America

Posted by kdawson on from the augmented-man-in-the-middle dept.

Concerned Customer writes "The fake boarding pass guy is at it again. His blog shows a demonstration phishing website that is able to bypass the SiteKey authentication system used by Bank of America, Fidelity, and Yahoo. Users will be shown their security image, even though they're not visiting the authentic websites." This hack compounds the study showing that users don't pay attention to the SiteKey pictures anyway.

2 of 160 comments (clear)

  1. Bank of America?!? by Anonymous Coward · · Score: 5, Informative
    This guy is going to get it.

    Here's an example on how B of A does business:

    This guy just wanted to check to see if a check was good!

    You can bet B of A will go after this hacker guy.

  2. Re:Crux by toleraen · · Score: 3, Informative

    What chance is there of being Spoofed if have no type of Trojan infection and type the correct URL?

    vi C:\windows\system32\drivers\etc\hosts
    i 192.168.1.100 www.mybank.com
    :wq