Decius wrote:
] ] Bank of America (Research) will require Internet clients
] ] to register their computers and assign a digital image,
] ] such as a photo of a pet, to their accounts in an effort
] ] to cut down on fraud, the bank announced.
] ]
] ] The image will appear on the site every time a customer
] ] has to enter a password.
]
] I think this is a pretty good idea, and quite simple.

This could be reasonably effective, at least initially, and perhaps even for a while. Unfortunately, like passwords, most people will probably use the same image at every site. BoA even seems to be recommending this by their example (a photo of a pet).

This just adds another step to the scam. Instead of just convincing people to go to the phishing site, the attacker must first harvest the customer's standard image by getting him to register for a "protected" account at a new site.

"You've Won a Free 30 GB iPod Photo! Click here to create a secure account and verify your shipping address. Act soon; supplies are limited. Reply before 5 pm and it will ship today!"