Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Foolproof Way To End Bank Account Phishing?

Posted by kdawson on from the worth-a-try dept.

tcd004 writes "F-Secure's Mikko Hypponen proposes an elegant solution to the problem of bank account phishing in the latest Foreign Policy magazine. Hypponen thinks banks should have exclusive use of a new top-level domain: .bank. 'Registering new domains under such a top-level domain could then be restricted to bona fide financial organizations. And the price for the domain wouldn't be just a few dollars: it could be something like $50,000 — making it prohibitively expensive to most copycats. Banks would love this. They would move their existing online banks under a more secure domain in no time."

11 of 436 comments (clear)

  1. dibs!!!!! by Average_Joe_Sixpack · · Score: 4, Funny

    sperm.bank

    1. Re:dibs!!!!! by EmbeddedJanitor · · Score: 5, Funny
      Dear Sir/Madam I am interested in your services:

      How do I make an online deposit?

      Are there penalties for early withdrawal?

      --
      Engineering is the art of compromise.
    2. Re:dibs!!!!! by Anonymous Coward · · Score: 3, Funny

      sperm.bank

      Deposits will require both the .bank tld and the .xxx tld

      I don't even want to know about withdrawals...

    3. Re:dibs!!!!! by Penguinshit · · Score: 4, Funny

      Are there penalties for early withdrawal?

      Yes; no linked child accounts... although for some that is desirable.

      --

      I have something in common with Stephen Hawking...

  2. Foolproof system by Reason58 · · Score: 5, Funny

    "Foolproof systems do not take into account the ingenuity of fools."

  3. Ummmmm... by TheDarkener · · Score: 4, Funny

    I just made thedarkener.bank on my own computer, using /etc/hosts. It points to my computer.

    I'm gonna go smoke a bowl and see if I can't remember if I spent $50,000 on it or just used basic computer knowledge to bypass the TLD.

    --
    It is pitch black. You are likely to be eaten by a grue.
    1. Re:Ummmmm... by Score+Whore · · Score: 5, Funny

      Now all you've got to do is fake up an email from your bank, send it to yourself. Then when you fall for the trick you'll have your username/account number and passwords. You are truly a l33t hax0r.

    2. Re:Ummmmm... by roystgnr · · Score: 4, Funny

      Now all you've got to do is fake up an email from your bank, send it to yourself. Then when you fall for the trick you'll have your username/account number and passwords. You are truly a l33t hax0r.

      That, or he'd have to hack into someone else's computer. I know that's impossible today, but a few pessimistic computer scientists suggest that one day Microsoft's crack team of programmers may make a mistake, allowing a malformed file or network connection to initiate the execution of malicious code on an innocent person's computer! Worse yet, some fear that the vigilance of today's sophisticated computer users may itself fail. It's unlikely that anyone would be foolish enough to run an executable file from an untrustworthy source without at least rigorously testing it in a "sandbox" environment, but rumor says that in a few underfunded public schools the computer security classes don't even teach kids how to set up a virtual machine!

  4. Re:I know it will never happen by Reason58 · · Score: 5, Funny

    But god would it be good to gouge banks for $50k. It would feel so sweet.

    Until you realize it was your own money.

  5. Re:We'll see about that. by smegged · · Score: 3, Funny

    Thanks, now I don't have to bother typing this myself.

  6. Re:We'll see about that. by JimDaGeek · · Score: 4, Funny

    Dear "OurBank", I use Mac OSX and Linux, your "ourBank.exe" did not work. Please send me either a .deb file or an .dmg. That should help me a lot.

    --
    General, you are listening to a machine! Do the world a favor and don't act like one.