On Fri, 31 Mar 2006, Jasper Bryant-Greene wrote: >> Just as most of the phishing sites already do. > Really? I thought they somehow magically knew enough about you to sign > you in properly and display all the correct details ;)
No, but the reasonable practice would be not to alert the customer (and have him possibly, say, panic and call the bank in question) - but rather, display something along the lines of "Thank you for successfully verifying your Frob Mutual account data. Bye." /mz _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/