Many important, sensitive login sites are not protected, making it
easier to steal passwords from naive (and even experienced) users. See
`Hall of Shame` listing such sites at
http://www.cs.biu.ac.il/~herzbea/Shame.html
Examples:
Banks and FIs: PayPal, Chase, SmithBarney (CitiGroup), Bank of
America, TD Waterhouse, Amex, FirstCommand Bank, MidFirst Bank
Security services: MicroSoft Passport, EquiFax, InstantSSL
All sites were warned before being added to the Hall of Shame (few
actually fixed their sites and are therefore not on the page, e.g.
eBay).
A related resource - a FAQ on phishing and spoofing, at
http://www.cs.biu.ac.il/~herzbea/shame/FAQ.htm
--
Best regards,
Amir Herzberg
Associate Professor
Department of Computer Science
Bar Ilan University
http://AmirHerzberg.com
New: see my Hall Of Shame of Unprotected Login pages:
http://AmirHerzberg.com/shame.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]