Decius wrote: ] ] Bank of America (Research) will require Internet clients ] ] to register their computers and assign a digital image, ] ] such as a photo of a pet, to their accounts in an effort ] ] to cut down on fraud, the bank announced. ] ] ] ] The image will appear on the site every time a customer ] ] has to enter a password. ] ] I think this is a pretty good idea, and quite simple. This could be reasonably effective, at least initially, and perhaps evwen for a while. Unfortunately, like passwords, most people will probably use the same image at every site. BoA even seems to be recommending this by their example (a photo of a pet). This just adds another step to the scam. Instead of just convincing people to go to the phishing site, the attacker must first harvest the customer's standard image by getting him to register for a "protected" account at a new site. "You've Won a Free 30 GB iPod Photo! Click here to create a secure account and verify your shipping address. Act soon; supplies are limited. Reply before 5 pm and it will ship today!" RE: An interesting approach to phishing scams |