But I am Protected?
 

A problem probably on both sides of the pond. From the BBC of 25 Mar 2007: What happens if someone gets access to your brokerage account and pilfers it? You are 100% responsible for the losses. Brokerage need not reimburse you for any of $hundreds of thousand in losses. That is the law.

Where are best places to phish for such account passwords? Libraries, hotel computers, etc. Simply put spywear (keystroke recorders) on those computers and wait for a nibble. Keystrokes are recorded, sent overseas, and you brokerage accounts are suddenly empty. Libraries, hotels, and other public computer locations routinely make little effort to clean their machines.

Worse are the so many who automatically assume they are protected.

But tw, what idiot would use a public PC to do their broking or Internet Banking, or Net purchasing? What you say is correct, but that is assuming someone would use a Net café, or one of those pcs set up in shopping malls. Surely no Cellar dweller would be that stupid. :right:

He' preaching to his lurking minions, Dave.;)

True, but what would happen if you didn't have enough money to buy your own computer?

Most financial institutions are implementing stronger security that will ask annoying key questions if they sense you are at a public terminal or not at your usual IP address range.

This is new. Annoying too.

lol...then perhaps internet broking is not their forte! :)

"Never underestimate the power of human stupidity." - Robert Heinlein.

You do so at your peril.

Symantec reportsThis blew my mind. I can get your (or somebody's, maybe not "yours") credit card information for a couple of bucks. An "identity" is less than $20.
...

It doesn't even have to be your "fault". If your data is out there, it's at risk.

AND virtual keyboards to confound keyloggers. i can take a little annoyance, i think

And there are many who just haven't a clue. My MIL has starting using internet banking. It's scary. She wouldn't recognize a phishing email if it stank like a kipper. She would trust anyone who offered to help her. We're sending her to internet security bootcamp when she comes over in a few weeks. it's going to be like teaching the children about stranger danger. I sent my dad some sensitive information by email (coded and split into two), he reassured me that he had got the information and "destroyed the emails" :rolleyes:

12% is a pretty small figure when you think about it. It's like when mass production cars became available and people learned to drive from the manual.

what's her email addy again? i seem to have misplaced it

Speaking of data breaches ... anyone recall the TJ Maxx incident of '06 (someone hacked TJ Maxx's computers just past Christmas and mined all the credit card information)?

I don't know what the other carriers are doing, but Citibank just replaced the cards of every single one of their cardholders that ever made a purchase from TJ Maxx.

Sure. Riiiight.

Here's my take on your observations.

I find the phrase "Virtual keyboard" positively gravid with the potential for the worst kind of abuse, that being a false sense of security. I *think* I can imagine something like you're talking about, that does confound keyloggers, but I can easily think of several ways to call it the same thing that does nothing of the sort.

The sad reality is that convenient and secure practically never live in the same box. They are in inverse proportion to each other. And in those rare scenarios where both values are high, they got that way by adding a lot of money. Convenient, secure, inexpensive. Pick any two, but only two.

What most users find is that something that is annoying will not be used. And the bad guys know this too. Your threshold for annoyance is different than other people's threshold, but it is a difference of degree only. And you have your limit too, as I do, as we all do. Heck, even the lady at the bank told me that she deals with this new level of complexity by answering all the questions, regardless of the question, with the same answer. That's her solution to this security annoyance.

If it sucks to use it, it will not be used. I guaran-damn-tee it.

dude, don't get all bent...it's just for the final password.....after they ask you a question, display your keymark picture with your keymark phrase, which comes after you enter your account number. now take a deep breath

Same people who also use the same password for everything.

I created a form so that each can enter (either via Word or using a pen) unique passwords for each web site (along with lock combinations, vehicle key number, etc). Not one uses it.

Meanwhile, public computers are used frequently for anything. Even if not accessing financial records, that common password is obtained.