* Posts by CIM

2 publicly visible posts • joined 8 Sep 2007

Will EV SSL stop phishing attacks? Probably not

CIM

Well, I think the answer is "Definitely not": I just got this...

Dear Egg Banking Member,

Due to the high number of fraud attempts and phishing scams, it has been decided to implement EV SSL Certification on this Internet Banking website.

The use of EV SSL certification works with high security Web browsers to clearly identify whether the site belongs to the company or is another site imitating that company's site.

It has been introduced to protect our clients against phishing and other online fraudulent activities. Since most Internet related crimes rely on false identity, Egg went through a rigorous validation process that meets the Extended Validation guidelines.

Please Update your account to the new EV SSL certification by <a href="...">Clicking here</a>.

You are strictly advised to login into your egg aAccount using the above link.

Your egg account will automatically be added to our recent internet banking security system.

(Failure to verify account details correctly will lead to account suspension)

Thank you.

Account Sentinel Service

� Egg Bank Online Customer Service: 1998 - 2008

(Do not reply to this email. Egg Bank retains the right to send you periodic updates on alerts and services).

A US CERT reminder: The net is an insecure place

CIM

Already possible

Cookies have a "secure" option that means those cookies will only be sent over SSL. It's perfectly possible already.

(Is The Register going to switch to SSL for these comment logins, I wonder?)