Arjan's World: Some Inspiration To Make Your Site More Secure

Wednesday, April 12, 2006

Some Inspiration To Make Your Site More Secure

Just came across "Design Flaw in Human Brain Prevents Detection of Phishing Websites" via (Dutch, sorry).

A study was performed, and its conclusion is that the overwhelming majority of people will fall for carefully constructed phishing sites that resemble their legitimate counterparts to a great degree. The suggestion, therefore, is that people should be able to personalize the pages of, e.g., banking sites. Once a phishing site comes around, they won't see the personal picture they're familiar with and they'll know something is going on...

Well yeah, seems OK on the surface. Don't know about you, but I'm definitely logging out of my online banking environment after I'm done, meaning, obviously, that my personal environment is not available anymore. I probably won't see the picture once I've logged out, only when the site makes use of persistent cookies to still recognize me. Hmm, alright, that seems reasonable. At least, my online banking site also remembers my username after I'm logged out, so why should it not show a personal picture?
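The cookie-based recognition described above, sketched as an added example (not from the original post or from any bank's code): after a successful login the site sets a signed persistent cookie, and the login page shows the personal picture only when that cookie verifies. The cookie name `remembered`, the `PICTURES` table and the function names are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Server-side signing key (constructed here; a real site would load it from config).
SERVER_KEY = secrets.token_bytes(32)

# Constructed sample data: username -> picture the user picked while logged in.
PICTURES = {"alice": "red-bicycle.png"}

# Max-Age makes the cookie persistent, so it survives logout and browser restarts.
COOKIE_MAX_AGE = 365 * 24 * 3600


def sign_value(value: str) -> str:
    """HMAC-SHA256 tag that only the server can compute for a given value."""
    return hmac.new(SERVER_KEY, value.encode(), hashlib.sha256).hexdigest()


def issue_device_cookie(username: str) -> str:
    """Build the Set-Cookie header sent after a successful login."""
    value = f"{username}.{sign_value(username)}"
    return (f"remembered={value}; Max-Age={COOKIE_MAX_AGE}; "
            "Secure; HttpOnly; SameSite=Strict; Path=/")


def picture_for_login_page(cookie_value: Optional[str]) -> Optional[str]:
    """Return the personal picture to show before login, or None for the generic page."""
    if not cookie_value or "." not in cookie_value:
        return None  # unknown browser: nothing personal is shown
    username, _, tag = cookie_value.rpartition(".")
    expected = sign_value(username)
    # Constant-time comparison; a forged or altered cookie gets the generic page.
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    return PICTURES.get(username)
```
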

The central idea behind it might be the bottleneck in the end: obviously, for us tech/power users the concept is clear. But is it for your aunt paying her bills online, who might be so overwhelmed by everything coming towards her on the big bad internet that she will probably still fall for the trick? What do you think?

