Several sites (I remember Yahoo did this too, back when I used my Yahoo account) such as Bank of America show a SiteKey or similar image the user chooses after they enter their username, but before they enter their password. Ostensibly, this ensures the login page is unique to each user, and therefore a phisher can't just show a static login page that looks like the bank's site, but what's stopping them from simply hitting the bank's site in the background and forwarding the image (or other security challenge) right to the user? I'll grant, it makes the phisher's job slightly harder, but it really doesn't seem that valuable to me. What's the rationale for this behavior?
If a single server keeps hitting their site requesting the images for different user IDs (especially a server the users haven't logged in from before), it will be pretty suspicious, so it's harder for a phisher to hide.
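The detection idea in the answer above, as an added example that is not part of the original question or answer: a small log analysis that flags a source IP which requests the SiteKey image for many distinct user IDs, most of which have no prior login history from that IP. The log format, the history table, the `/sitekey?user=` path and the thresholds are all assumptions made for this illustration, not Bank of America's or Yahoo's actual implementation.

```python
"""Flag a source that fetches SiteKey images for many unfamiliar users.

Added example, not code from the original page. The log line format,
the known (ip, user) history and the thresholds are assumptions.
"""
from collections import defaultdict

# Constructed history: (source_ip, user_id) pairs that have previously
# completed a successful login. A real system would keep this in a DB.
KNOWN_PAIRS = {
    ("203.0.113.10", "alice"),
    ("203.0.113.11", "bob"),
    ("203.0.113.12", "carol"),
    ("198.51.100.7", "dave"),
}

# Constructed sample log: "<time> <src_ip> GET /sitekey?user=<id>".
# 192.0.2.50 plays the phishing relay, fetching images for many users.
SAMPLE_LOG = """\
12:00:01 203.0.113.10 GET /sitekey?user=alice
12:00:02 198.51.100.7 GET /sitekey?user=dave
12:00:05 192.0.2.50 GET /sitekey?user=alice
12:00:06 192.0.2.50 GET /sitekey?user=bob
12:00:07 192.0.2.50 GET /sitekey?user=carol
12:00:08 192.0.2.50 GET /sitekey?user=dave
12:00:09 192.0.2.50 GET /sitekey?user=erin
12:00:10 203.0.113.11 GET /sitekey?user=bob
"""

SITEKEY_PREFIX = "/sitekey?user="  # assumed path of the image endpoint


def parse_sitekey_requests(log_text):
    """Yield (src_ip, user_id) for each SiteKey image request in the log."""
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[2] != "GET":
            continue
        path = parts[3]
        if not path.startswith(SITEKEY_PREFIX):
            continue
        yield parts[1], path[len(SITEKEY_PREFIX):]


def score_sources(log_text, known_pairs, min_users=3, min_unseen_ratio=0.5):
    """Return {src_ip: (distinct_users, unseen_users, flagged)}.

    An IP is flagged when it requests SiteKey images for at least
    `min_users` distinct user IDs and at least `min_unseen_ratio` of
    those IDs have never logged in from that IP before. Both thresholds
    are assumed values chosen for this example.
    """
    users_by_ip = defaultdict(set)
    for ip, user in parse_sitekey_requests(log_text):
        users_by_ip[ip].add(user)

    report = {}
    for ip, users in users_by_ip.items():
        unseen = {u for u in users if (ip, u) not in known_pairs}
        flagged = (len(users) >= min_users
                   and len(unseen) / len(users) >= min_unseen_ratio)
        report[ip] = (len(users), len(unseen), flagged)
    return report


def suspicious_sources(log_text, known_pairs=KNOWN_PAIRS):
    """Return the sorted list of source IPs flagged as likely relays."""
    report = score_sources(log_text, known_pairs)
    return sorted(ip for ip, (_, _, flagged) in report.items() if flagged)


if __name__ == "__main__":
    for ip, (n, unseen, flagged) in score_sources(SAMPLE_LOG, KNOWN_PAIRS).items():
        status = "FLAG" if flagged else "ok"
        print(f"{ip}: {n} users, {unseen} never seen from here, {status}")
```

This is a heuristic, not a hard control: a relay that spreads its requests across many source addresses, or that fetches each image only after the victim has supplied the username, looks much more like ordinary traffic, so in practice the per-IP count is combined with other signals (request timing, user agent, whether a login ever follows the image fetch).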