funsec mailing list archives
Re: The end of Phishing in sight?
From: Security Lists <securitylists () uniontown com>
Date: Mon, 17 Oct 2005 16:38:49 -0400
I believe a SecurID token has a full 3-minute window of opportunity (more if you can get the user to enter two subsequent token #'s I believe, that's what's needed for token resync sequence), Phisher could simply script an instant automated MITM that would log them in on-the-fly, PIN and all.
-Mark C Dave Killion wrote:
On 10/17/05, *Paul Schmehl* <pauls () utdallas edu <mailto:pauls () utdallas edu>> wrote:OK, I'll bite. Are the banks going to be forced to provide the readers? Or is online banking going to become a thing of the past? ETrade is already providing certain select customers with SecurID tokens. -- Dave Killion, CISSP Contributing Author, Configuring NetScreen Firewalls PGP Key Fingerprint: E477 488D 4340 D04F DD94 2A65 048C B376 D50B 45C8 ------------------------------------------------------------------------ _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- The end of Phishing in sight? Fergie (Paul Ferguson) (Oct 17)
- Re: The end of Phishing in sight? Paul Schmehl (Oct 17)
- Re[2]: The end of Phishing in sight? Pierre Vandevenne (Oct 17)
- RE: The end of Phishing in sight? Richard M. Smith (Oct 17)
- RE: The end of Phishing in sight? Nick FitzGerald (Oct 17)
- Re: The end of Phishing in sight? Dave Killion (Oct 17)
- Re: The end of Phishing in sight? Security Lists (Oct 17)
- Re[2]: The end of Phishing in sight? Pierre Vandevenne (Oct 17)
- RE: Re[2]: The end of Phishing in sight? Richard M. Smith (Oct 17)
- Re: Re[2]: The end of Phishing in sight? Valdis . Kletnieks (Oct 17)
- Re[4]: The end of Phishing in sight? Pierre Vandevenne (Oct 17)
- Speaking of phishing xyberpix (Oct 18)
- Re: Speaking of phishing Richard Cox (Oct 18)
- Re: Speaking of phishing xyberpix (Oct 19)
- Re: The end of Phishing in sight? Paul Schmehl (Oct 17)
- Re: The end of Phishing in sight? Blue Boar (Oct 17)
- Re: The end of Phishing in sight? Justin Mason (Oct 17)