Monday, July 10, 2006

Phishers Defeat 2-Factor Authentication

Phishers have now started phishing for the two-factor token ID from victims. The most interesting part is that these tokens only give you one minute to log in to the bank until that key will expire. The phishers employ a man-in-the-middle attack against the victim and Citibank to log in via php and conduct money transfers immediately.

read more | digg story


Post a Comment

<< Home