Using images to fight phishing
So-called "phishing" Web sites set up by scammers to mimic financial institutions and swindle unwitting consumes often "inlink" or borrow logos and other images directly from the targeted institution's Web sites as a way of making their scam pages look more legitimate (or maybe because the crooks are just lazy). Security experts have long suggested that banks turn the tables on phishing sites that use this technique by creating a short whitelist of sites that are permitted to use those images, and then simply swapping out the real image with one that reads "THIS IS A SCAM SITE" for any sites not on the whitelist.
At Security Fix.
[ Read more ]
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.