[OWASP-Ireland] Phishing One-time passwords
brian.honan at bhconsulting.ie
Mon Oct 17 06:24:45 EDT 2005
Interesting in this case was the fact that each customer was given a card from which they could scratch off their OTP. Users were duped into entering their latest OTP into a fake site. So another weak link here is that the passwords were pregenerated and had no expiration.
From: Eoin.Keary at allianz.ie
Date: Mon, 17 Oct 2005 11:14:45
To:OWASP-Ireland at lists.sourceforge.net
Subject: [OWASP-Ireland] Phishing One-time passwords
One-Time passwords are meant to be more secure but the weak link is people (Tell me something I don't know).
IT Security (Tech Admin)
Security Projects Division
Dir: + 353-1-613-3490
Mob: + 353-87-904-1922
Mailto:eoin.keary at allianz.ie
Ph 01 6133490
Allianz Ireland p.l.c. and Allianz Corporate Ireland p.l.c. are companies of the Allianz Group, Europe's leading global insurer and provider of financial services.
For more information on our products and services log on to www.allianz.ie or call us on (01)613 3000.
The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action or reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you have received this in error, please contact the sender and delete the material from your computer.
Allianz Ireland p.l.c. trading as Allianz is regulated by the Irish Financial Services Regulatory Authority (IFSRA).
Allianz Corporate Ireland p.l.c. trading as Allianz is regulated by the Irish Financial Services Regulatory Authority (IFSRA).
Helping You Piece IT Together
Email: brian.honan at bhconsulting.ie
Support Global Security Week 5/11 - 9/11 www.globalsecurityweek.com
This message is for the named person's use only. If you received this message in error, please immediately delete it and all copies and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Any views expressed in this message are those of the individual sender and not of BH Consulting
More information about the Owasp-ireland