…there are rating organizations that score online brokers on a scale of 1 to 5 stars. I glimpsed at two recent reports and didn’t find anything related to security or privacy in their reviews. Nowadays, with the frequent cyberattacks in the financial industry, I think these organizations should give accolades or at least mention the security mechanisms the evaluated trading platforms implement in their reviews.
Man in the middle spoof of SMS, phone call, and security question validation? Security gets harder and harder …
If SMS is used to validate your account, then the attacker’s registration site will also use SMS to validate you. When your service provider asks the attacker for the code sent to your mobile phone, the victim is asked on their registration form to input the SMS received. Once the victim provides the SMS on the attacker’s form, absent any additional protocols, the unsuspecting user’s email or other online service account has just been hijacked.
The mouse attached to your computer and your hand may be telling us more about your identity than you suspected. This could be both a good thing, as researchers in Italy recently noted, or troublesome as those in the Tor community noted a bit over a year ago.