f-secure.com/weblog

Hi quietman7, help me out a bit please as I don't do electronic banking. Were they looking for you to give them you're ID,as on the left, Or both ID and password, as on the right?

Actually the examples provided relate to the point of the last paragraph which asks "Why don't banks allow you to customize your online banking interface with a picture of your preference?" instead of a phishing scheme. The example on the right shows how a sign in page might look if the user were allowed to personalize it. In this case an image (group of demons) has been uploaded by the user so that when they go to log in, they will readily identify the page as legit because it will display that image.

The one on the left just shows advertisements which any phisher can host on a site that appears to be legit and which most users see when going to a spoofed site. Don't know why that one does not include a password box since passwords are one of the prime targets a phisher is looking for. Appears F-Secure was just providing an example of a personalized vs. non-personalized page which emphasized the "look" and its impact to the human brain as opposed to legit vs. non-legit.

Ok i understand and I guess i would be in the big percentile. As I thought they were both OK.
Perhaps .. I trade online commodities and equities. Whaen there is any issue, the email notifies me to contact. I then log in to them and dea; with the issue. I know it's them and they know it's me. I feel safe that way.