[prev in list] [next in list] [prev in thread] [next in thread] 

List:       full-disclosure
Subject:    Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should
From:       "Mike Nice" <niceman () att ! net>
Date:       2006-03-31 19:42:42
Message-ID: 0b1901c654fb$49bbb280$2101a8c0 () othello
[Download RAW message or body]


> http://www.hexview.com/sdp/node/24
>
> (Show this article to your computer-illiterate spouse to confuse him/her 
> even more :)

   Better yet, do the right thing and implement Tip #4:  Go to the secure 
SSL login page of your bank.  Verify the URL.   Verify that the SSL 
certificate was issued to your bank by examining its properties.  Now 
bookmark the SSL page.  Tell your computer-illiterate spouse to *always* go 
to the bank login via favorites with the page you just bookmarked.  If there 
are any popup warnings from the browser [such as from certificate name 
mismatch], do no log in.   This catches all variations of Pharming, 
man-in-the-middle, and type-alike sites.   It offers no protection from 
local trojans/keyloggers.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]