Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
techhub.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A hub primarily for passionate technologists, but everyone is welcome

Administered by:

Server stats:

4.9K
active users

techhub.social: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.8

Public
Doug Parker 🕸️

Banks: Stay safe from scams! Don't put any information into any site not using our specific origin.

Also banks: Please input your security information into this embedded widget on the merchant's origin.

Screenshot of United Airlines check-out page with a U.S. Bank popup which reads: "To continue with your transaction, please enter the one-time passcode sent to your mobile number." A text box and submit button require the user to provide this code. The URL bar of the browser is highlighted, which displays `united.com` and not `usbank.com`.
Doug Parker 🕸️

More seriously, this is a legitimate vulnerability in which should be fixed ASAP.

USBank is training it's users to just put their banking information into any site which asks and actively hurts the security of it's own users as well trains those users to do the same for any other service. What's the point of telling users to look for the padlock and check the origin, if sites will disregard it altogether anyways?

Dec 31, 2022, 08:53 AM·Public
0boosts·0favorites
ExploreLive feeds
About