Study: bank websites totally insecure
A soon to be released University of Michigan study will show that more than 75% of banking websites have serious security flaws. According to Atul Prakash, professor of electrical engineering and computer science, these flaws are design issues that cannot be quickly solved with a simple patch or upgrade. Prakash, along with doctoral students Laura Falk and Kevin Borders, studied 214 financial institutions and found that the most serious issue was the placement of contact or security information on insecure pages. Prakash argues that this can easily lead to phishing attacks by the placement of bogus numbers that lead to scam artists.
Approximately 55% of the sites had this problem, while 47% placed login boxes on insecure pages. Prakash is recommending that banks use SSL protocol to secure their login pages. Why any bank still has a non-SSL login page is beyond me. Rounding out the top five security problems are poor email security, broken chain of trust where banks redirect users to insecure outside sites and inadequate user id and passwords. 31, 30 and 28 percent of websites had these problems, respectively. Prakash’s study titled “Analyzing Web Sites for User-Visible Security Design Flaws” will be released later this month on his website here.
Source: TG Daily
(flaw)
No-one cares. Anyone that gets phished is a f*cking r*tard that deserves it, frankly.
DAmn Banks!
The problem is only phishing? So there is no problem..
People who get caught up in phishing scams should just store their money in a mattress and sleep with a loaded gun
Blizzard are now offering RSA Tokens, making your WoW account more secure then your online bank account. Amusing.
because blizzard KNOWS what they are doing
And that is why I hate credit-cards, online shopping, online and digital everything that has to do with money.
yes..thanks for the update..
but where is the WANTED dvdrip or r5 or screener..
it was supposed to be released this week!!
come on guys…
I cannot count the mistakes I’ve had to deal with through my bank.
If it has to be bought online, just hope you can use a prepaid.
My bank have used a token based security system with SSL from the first time they lauched it. In addition the bank offers virtual cerditcards. Where you set the expiration and money limit and then get CC details. So you can use a new virtual CC for every purchase and you can delete it after the purchase if you want. So noone can steal your CC and empty your account.
You mean to tell me that there are banks that basically have a username/password system ? That’s just stupid.
where’s wanted r5????????????/
heh, my bank’s so unsecure i can login with 2 different “memorable names” and it will still let me in.
no comment which one tho :p
I online bank and have been for almost 10 years now, you have to be a complete moron to be scammed or have any problems. Stick to cash if you are to much of a n00b to figure out how to securely use online banking.
off-topic
Battlestar.Galactica.Razor.2007.720p.HDTV.x264-ESiR
http://thepiratebay.org/tor/4313106
http://www.mininova.org/tor/1628802
Bank fees are destinated to the owner’s new porsche not a better security. Better security, pfft. What the hell were you thinking?
I’ve never trusted my banks website, so never use it, its the year 2008 and its like a site from the year 2000. Using that is kind of like handing your bank account and finance to Bender from Futurama, you know you’re gonna get robbed lol
thanks for this news story, very informative read.
i get that advertisement pays hosting - but is it really necessary to have all the pop ups on this site…
Whats the name of therap song playing in the background? it has an ill beat and the lyrics are dillin’ i wanna download the CD
@20
beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep, beep.
download @ shutthehelloff.com
Martin, it’s really a misrepresentation to characterize the report as saying that bank websites are “totally” insecure. Rather, the substance is that banks are not consistent in their security measures, which leaves them open to breaches and undermines the training of customers in how to differentiate good sites from phonies.
WANTED R5 supposed to have released this week??
Any news on that??
Damn !! So where do I keep my $150 Million Dollars now ?