funsec mailing list archives
New security measures at the Cambridge Savings Bank
From: "Richard M. Smith" <rms () computerbytesman com>
Date: Tue, 31 Oct 2006 15:04:33 -0500
Hi, A friend just forwarded me the attached email message from the Cambridge Savings Bank of Massachusetts about a new security program that they plan to roll out soon. The email seems to be legit, but sending out email messages about online banking security is a bit odd since this is how most phishing scams operate. This new security measure apparently works the same as this scheme: http://www.nassaued.org/security.html To log onto a bank account, one still uses a username and password. However, the computer must also have a special "security" cookie set on the computer. This cookie gets generated by the bank's Web site after someone answers a number of "secret" questions about their account. An account can also be locked down to only work on one particular computer. I'm not sure what happens if someone clears out their browser cookies. I suspect there is some company out their that has a patent of this technology and they are peddling to the smaller banks to meet upcoming FDIC mandates. What do folks think about this idea? Richard M. Smith http://www.ComputerBytesMan.com -------- Original Message -------- Subject: CSB Enhanced Online Banking Security Date: Tue, 31 Oct 2006 09:46:15 -0800 From: info () cambridgesavings com Reply-To: info () cambridgesavings com To: Dear CSB WebBank User: Your online security has always been a top priority. As identity theft and fraud continue to make headlines nationwide, we'll be upgrading CSB WebBank with a new security service during the week of November 6, 2006 to further help protect you from identity theft and fraud. Introducing Enhanced Login Security (ELS) ELS is a new, free and easy way to help prevent fraud. ELS strengthens security at login by adding an additional authentication factor beyond the User Name and Password that you use today. ELS is a browser-based secure cookie with an individualized credential (ID) stored on your computer. This ID serves as the second factor in addition to your User Name and Password. This additional security technology allows us to verify you as the "true owner" of the WebBank accounts from whatever computer you're using for CSB WebBank, whether you're at home, at the office, or on the go. Your WebBank accounts are protected from unauthorized access, providing you with peace of mind. We will send you a second email during the week of November 6th with in-depth instructions on how to utilize ELS. If you have any questions, please call us at 888-418-5626. Thank you for banking with Cambridge Savings Bank. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- New security measures at the Cambridge Savings Bank Richard M. Smith (Oct 31)
- Re: New security measures at the Cambridge Savings Bank John LaCour (Oct 31)
- Re: New security measures at the Cambridge Savings Bank Nick FitzGerald (Oct 31)
- Re: New security measures at the Cambridge Savings Bank Valdis . Kletnieks (Oct 31)
- Re: New security measures at the Cambridge Savings Bank Nick FitzGerald (Oct 31)