The Register® — Biting the hand that feeds IT

Feeds

Protecting Online Customers from Man-in-the-Middle Attacks

By downloading you agree to our Terms & Conditions. We will email you a copy of the paper.

Using multi-factor authentication to protect end users from theft and fraud

Published January 2008

In 2006, a new type of sophisticated phishing attack appeared on the Internet targeting a bank’s business customers. These attacks, called “Man-in-the-Middle”, used a fraudulent email to fool the bank’s customers into divulging their credentials on a site that appeared legitimate. What was unusual about these Man-in-the-Middle (MITM) attacks is that they succeeded in spite of the customers using one-time password (OTP) tokens that generated a unique password every minute.

By downloading you agree to our Terms & Conditions. We will email you a copy of the paper.