Sunday, February 10, 2008

Another google horror story

I'm a very experienced internet user, which is part of why I've asked not use my name. I'm the -last- person that should be a phishing victim, yet it happened to me. Since it happens to internet professionals far less than, say, the clueless relatives of internet professionals, of course we blame it on the user.

The design problem is you want the site's interface to be uniform every time you visit, this tells the user "this is the real gmail". But this is what the phishers are exploiting. If the site was somewhat different every time you visited, it would be jarring and perhaps cause more people to look at the URL to make sure they were in the right place. Bank of America uses a "personal icon" that you should see to ensure it's the right server. It's not the most elegant solution, but it is a step in the right direction.

Read the article HERE.


Post a Comment

Links to this post:

Create a Link

<< Home