need
for organized crime to take on the task of writing this more
difficult sort of trojan.
Q. When the criminals are forced to confront stronger
authentication, how hard will they find it?
The criminals may not need to subvert the authentication
process at all. Instead, they may simply come up with new
ways of tricking you out of your money. Spammers, for
example, already know how to conduct on-line fraud without
getting hold of your account number or password. Many
spammers operate by persuading you to conduct a transaction
willingly and overtly, using your hand-held authenticator if
you have one, and then supplying sub-standard goods, or
nothing at all, in return.
Now imagine how much easier it would be for criminals to
seduce you into bogus transactions if they had a complete
picture of your spending habits. For example, if they knew
you paid your rent on the seventh of every month, and which
agency you paid it to, they could attempt to phish you into
paying it into a different account. And before you respond by
saying, ‘but it’s such a big step to start paying bills to a new
recipient, so that would simply never work’, remember that it
sounds just as far fetched to believe that users would willingly
go and type in their personal banking credentials into an
unknown website on the say-so of an email which could have
come from anywhere, and probably did.
The technology to allow outsiders to keep detailed track of
your secure on-line activities, including everything you buy,
and when, and where, already exists.
One example is the application
Pages: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24