Two Factor Security Hazard Is Still There
It's much better to have two-factors of security than one, however the additional factor doesn't assure complete safety against potential risks.
Online security threats have increased dramatically in recent times. The huge volume of these threats is overwhelming the security labs, which fail to continue developing vaccines required for a huge percent of fresh security threats. This implies that even PCs with an anti virus installed are at risk of security threats, Luis Corrons - PandaLabs' Technical Director - said this in a press release that PR Newswire published in first week of May.
A two-factor authentication security-plan must be implemented for financial institutions. Age of username and password as being sufficient safety for people remained in the rear-view-mirror for quite some time.
To enhance security, promising solutions are being developed for long. Security token is the one that existed for a while, however was not distributed widely. Used in govt. and a few private businesses, the token is used for generating a number serving as a time sensitive extra key for accessing a protected resource.
However, once expired the token can't be reused. Together with a username/password, the security model presently being used by financial institutions and online industries is going to be much better. Conventional phishing assaults, which seize a username/password, become futile in the absence of security token.
That heightens the criminals' stakes, and Zulfikar Ramzan - security researcher for Symantec, believes they'll respond.
"In case two factor tokens are more prevalent, I am afraid scammers will change their strategy and more assaults will be seen in real-time," said Ramzan in news that Securitypronews published on May 18, 2007.
Scammers need to sharpen their game, using an automated "man-in-the-middle" phishing website will go through a normal login as well as the additional token credential for the legitimate website.
It's being viewed that a fresh breed of scammers and Phishers is developing in society, who're employing social engineering tactics for designing malevolent software & websites. They are no longer the kids who would sit in the basement and develop viruses/websites. These fresh breeds of scammers are criminals who're stealing identities, infiltrating corporations, and emptying the bank accounts.
Related article: THE SPAM MAFIA
» SPAMfighter News - 28-05-2007