Avoid this, just buy a Mac

[elmo3]

http://www.manchestereveningnews.co.uk/n...sers_.html

'Bank raid' risk for web users

MILLIONS of internet users could unwittingly give their bank account details to criminals via a new scam.

Up to half of home broadband customers may be susceptible to a type of attack known as 'drive-by pharming', experts warn.

Simply by viewing a rogue website, without downloading any software, they could be targeted....

Expert Prof Markus Jakobsson said the dangers highlighted the human Achilles heel in internet security.

He added: "To a large extent, it's a social threat, with people being tricked to install things or de-activate countermeasures. It's becoming much more sophisticated and prevalent - and it's becoming much more of a complex threat."

[raz]

Mac vs PC has nothing to do with it - they're hacking the routers.

It's yet-another-example of the weak/default/non-existent password problem

[samintx]

Is it a revelation that visiting a website only you can get hacked? by scammers. Since I have stopped reading the messages on Yahoo's portfolio pages my spam is almost zilch. I have accidently loaded porn/adult URLs and voila...I start getting porn spam...without downloading anything......now I don't read anything except here, Mac Forum (is that the name? I've forgotten) and selected other sites.

[raz]

Let's try this again, Sam.

Assume you have broadband and a wireless router. That router has a configuration page. That page has a password. If the bad guy guesses the password, he can log in wirelessly and set up the router so that when your computer asks for www.citibank.com, the router will respond with the address of www.badguyspoofpage.com.

Your computer is unaffected. Going to web pages does not affect your computer.

But, typing your account number and password to a spoofed page give the bad guys access to your accounts.

[SKYLANE]

You know, just a thought here. (I need to start a separate thread on this as well.) I have a Real Estate License in CA. To access the Multiple Listing Service, a token was assigned and given to all agents. Implementation for this was for a variety of reasons. After having it on my keychain and using it, I wish I had it for all my log-in accounts regardless of what the account is. I think it would be cool to have one key that is registered and find a way to tie it to all my important accounts. Is this possible? Would it help prevent some of the issues on the web?

This requires following:

User ID:
PIN:
Code generated by physical token key:

I myself am getting closer and closer to pulling off everything financial from the web. Someday I feel the criminals are going to do something that finally us more savvy users will fall prey to. Like the one person said earlier, this type of criminal activity is not Mac proof.

[testcase]

"I have accidently loaded porn/adult URLs " Suuuure!!!

[Panopticon]

[quote samintx] ,,,Since I have stopped reading the messages on Yahoo's portfolio pages my spam is almost zilch. ....
And the reason is...
Every time you post a link to a 'Yahoo' news story, the page is full of ads. Every ad on the page deposits cookies in addition to the ones from the tracker sites and Yahoo. I block cookies from the Yahoo.com domain, but that doesn't stop the ads' cookies.

That's why it is nicer to post a clean, print this page link.

As an example, one of your 'Yahoo links' generated FOURTEEN distinct cookie sets from these sites:
adbrite.com
ad.yieldmanager.com
advertising.com
channelintelligence.com
clickability.com
doubleclick.net
intellixt.com
mediaplex.com
msn.com
qksrv.net
searchmarketing.com
statcounter.com
trafficmp.com
valueclick.com


My only solution was to stop clicking on the links you post.

[5percentTHD]

Can someone tell me how to do that router reprogramming thing? I'm in the market for a new car.