Yahoo! Sign-in Seal, prevent phishing

Discussion in 'Technology News' started by pradipudhaya, Sep 9, 2006.

Thread Status:
Not open for further replies.
  1. pradipudhaya

    pradipudhaya New Member

    Joined:
    Nov 17, 2004
    Messages:
    96
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Tamil Nadu
  2. Thor

    Thor Member

    Joined:
    Jun 9, 2004
    Messages:
    501
    Likes Received:
    3
    Trophy Points:
    18
    Location:
    Bangalore
    Yahoo Inc. (Nasdaq:YHOO - news) on Tuesday said it's testing a sign-in seal that ensures subscribers they're visiting the Web portal and not a bogus site set-up by a phisher to steal personal information. ADVERTISEMENT

    The security feature is being offered to a "fraction" of subscribers chosen at random, a Yahoo spokeswoman said. The service is expected to be rolled out gradually, and to become generally available in the "coming weeks."

    The sign-in seal, which is created by the subscriber, is shown each time the user goes to a log-in page for a Yahoo service, whether it's email, the personalized homepage or music. The seal is associated with the person's computer, instead of an ID and password, because Yahoo believed it was better to show subscribers they're visiting a legitimate page before entering any personal information, the spokeswoman said.

    Sign-in seals are being adopted by financial institutions as an anti-phishing measure for online banking. Bank of America, for example, uses the mechanism, but associates it with a person's ID and password.

    In creating a Yahoo sign-in seal, subscribers have the option of creating a unique message, such as a street address, or uploading an image. Users also can choose a sign-in seal color.

    Web portals, which also offer online shopping and other e-commerce services, have made security a focus to ease consumer concerns. In a study released last year, the Pew Internet & American Life Project found that 9 in 10 U.S. consumers had made at least one change in their online behavior because out of fear of spyware, viruses and other Internet threats.

    For example, more than 80 percent of the 2,000 adults surveyed said they had stopped opening email attachments unless they were sure the documents were safe, and nearly half no longer visited Web sites that they feared might deliver unwanted programs.

    SOURCE : http://news.yahoo.com/s/cmp/192203159

    -----------------------------------------------------
    But I wud really like to know how r they going to implement it 4 those who access their account away from their Home/Work PC ?
     
  3. aadipa

    aadipa New Member

    Joined:
    Feb 12, 2004
    Messages:
    997
    Likes Received:
    2
    Trophy Points:
    0
    Location:
    Palghar, Mumbai
    This is useful when you use yahoo services on a single PC.

    You can upload some image/logo to yahoo server, and for every time there is yahoo sign-in box, that logo is displayed on top of sign in box.

    Some sites may create pages which looks same as yahoo login, and when you sign in, the user name/password is sent to that server, not to yahoo. As with new seal, all yahoo sign in will have a logo, so it is easy to identify an authentic yahoo sign in page.

    This service was activated few days ago.
     
  4. Thor

    Thor Member

    Joined:
    Jun 9, 2004
    Messages:
    501
    Likes Received:
    3
    Trophy Points:
    18
    Location:
    Bangalore
    Ok. I got it! Its not account specific, but PC specific. So any yahoo user at any PC can set up a Sign in Seal. hmm. I wonder, suppose a faux site sets up a seal , and a new user who doesn't know abt the sign in seal of that particular pc opens up the log in page ? He will surely think that the "faux" sign in seal is the real one!
    Only way to avert is to query others who have in past used the same pc for signing in. What say u ?
     
  5. deepgeek2

    deepgeek2 New Member

    Joined:
    Sep 12, 2005
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Somewhere in .Net
    Hi, I got it too.
    Got my baby cousin's picture for this.
    @ Thor: Simple :Tell everyone who might use the PC for checking mails. At a home it maynot be difficult. In offices if you put the logo of competitors ;then just informing one person will ensure that the news spreads like wildfire....
     
  6. Thor

    Thor Member

    Joined:
    Jun 9, 2004
    Messages:
    501
    Likes Received:
    3
    Trophy Points:
    18
    Location:
    Bangalore
    [:D]. Ya it definitely wud. Again, spreading the knowledge is the key factor.
     
  7. tinku dhar

    tinku dhar New Member

    Joined:
    Sep 17, 2005
    Messages:
    468
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    gangtok
    doooo anyone know how to get BACK after yahoo id is BEEN hacked .... :(
     
  8. Thor

    Thor Member

    Joined:
    Jun 9, 2004
    Messages:
    501
    Likes Received:
    3
    Trophy Points:
    18
    Location:
    Bangalore
    U mean ur password has been changed by someone else ? Then there is a way,
    while signing up with Yahoo Mail, u had given a Secondary mail account.
    In their login page click the "Forgot" password link. They shall ask for ur id. Give it.
    They shall mail the new password to ur secondary a.c . if u haven't given the secondary a/c while signing in. they Sorry!
     
  9. tinku dhar

    tinku dhar New Member

    Joined:
    Sep 17, 2005
    Messages:
    468
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    gangtok
    well mayn ...,

    i have tried with tht also ... BUT noooo the HACKERs have done really very BADly ....

    also i have written letter to DIGIT bout this with a SCREENSHOt but they have not helped me :(
     
  10. deepgeek2

    deepgeek2 New Member

    Joined:
    Sep 12, 2005
    Messages:
    74
    Likes Received:
    0
    Trophy Points:
    0
    Location:
    Somewhere in .Net
    Open a new id and complain to yahoo about this
     
  11. tinku dhar

    tinku dhar New Member

    Joined:
    Sep 17, 2005
    Messages:
    468
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    gangtok
    well mate ... ,

    i have 1 but how suld i COMPLAIN also will they reply to my ????????????? complain ????????????????????????
     
  12. Thor

    Thor Member

    Joined:
    Jun 9, 2004
    Messages:
    501
    Likes Received:
    3
    Trophy Points:
    18
    Location:
    Bangalore
    Slim Chance! In the first place u have no way to prove that it was your id.
     
  13. tinku dhar

    tinku dhar New Member

    Joined:
    Sep 17, 2005
    Messages:
    468
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    gangtok
    yaaaa but man if i give them the 1st password i used to have than ????????????????

    also my BIRTHDAY etc etc
     
  14. Thor

    Thor Member

    Joined:
    Jun 9, 2004
    Messages:
    501
    Likes Received:
    3
    Trophy Points:
    18
    Location:
    Bangalore
    It is quite possible that the hacker has changed the Birtdate too. And u would be better served directly mailing Yahoo authorities abt it. Moreover chances r all ur mails hv already been read/deleted / vandalized !
    So u wud be better of getting urself a new a/c.
     
  15. tinku dhar

    tinku dhar New Member

    Joined:
    Sep 17, 2005
    Messages:
    468
    Likes Received:
    1
    Trophy Points:
    0
    Location:
    gangtok
    okkkkkkkkkkkkkkkkkk i will neva gonna USE YAHOO now :(

    as i have send mail to them and they have not replied it also ... if possible gemme the yahoo mail's MAIN EMAIL id :) i will mail there bout this :)
     
Thread Status:
Not open for further replies.

Share This Page