Study - Surfers Ignore Common Security Cues on Banking Sites
A new study paints a distressing picture of how easy it is to trick people into signing onto a fake web site and surrendering personal information. It's pretty hard to believe that in 2007, with all the media coverage that the subject has received in the past year, people are still falling prey to phishing attacks. Maybe online banking institutions should start thinking like PayPal and implement a mandatory two-factor authentication scheme on their sites.
Password protection has its limitations, especially when it comes to things like online banking. That's why millions of phishing attempts are made every day—it's relatively easy to craft realistic-looking web pages that convince users to divulge passwords and other personal details. Financial institutions are well aware of this and as a result, have come up with additional authentication measures for their customers. A new study conducted by researchers from MIT and Harvard casts doubts on the efficacy of such measures.