Like every other website on the planet, SmallNetBuilder uses cookies. Our cookies track login status, but we only allow admins to log in anyway, so those don't apply to you. Any other cookies you pick up during your visit come from advertisers, which we don't control.
If you continue to use the site, you agree to tolerate our use of cookies. Thank you!

Router Charts

Click for Router Charts

Mesh Charts

Click for Mesh Charts

Single Factor Authentication

A fully transmitted login password or PIN is about as much use in security terms as a chocolate fire safe, as we outlined in the previous article. This is where the username and password are entered in full in the login box, ripe for the picking. What is most incredible is the number of otherwise prestigious sites that use them.

Does the following look familiar?

The Current Crop, Continued

It should then come as no surprise that Fraudwatch cites PayPal as the most targeted site on Earth for phishers.

Fraudwatch is a site that monitors a variety of types of online fraud. In PayPal's favor is the fact that they are actually listed in Fraudwatch. I'm aware of many online sites that are targets of online fraud, but their names do not even show up in sites like Fraudwatch.

The cynic in the audience might be moved to say "I wonder why?" But let's not dwell on questions that cannot be answered without a trip down to the libel courts.

Here is another type of business that might be concerned with the protection of its customers:

This is Davy Stock Brokers.

This is Davy Stock Brokers.

Now, a variant on the theme of looking for another piece of data, but in reality, both the password and PIN are equally vulnerable:

The Current Crop, Continued

Sites that use these systems are really looking for trouble, because it isn't that difficult to actually download the Web code from someone's site. A program such as WGET will grab every object that it can find in a web site and copy it onto your hard disk. You then have a complete copy of this website, down to the images and copyright notices, and even the phishing warnings! It isn't difficult then to comprehend why phishing has been such a successful attack.

Support Us!

If you like what we do and want to thank us, just buy something on Amazon. We'll get a small commission on anything you buy. Thanks!

Don't Miss These

  • 1
  • 2