Gathering Passwords with Web 2.0 Sites

I was watching a security seminar the other day and for about the third time this month, I heard the dangers of entering passwords with “Web 2.0” sites.

Here is the problem, in the olden days, when you entered a password into the password field, it was not sent until you clicked the send button.

Now, with the newer web applications, everything you type in the field is captured as you type it. This just makes hackers giddy.

When they make a fake site, say it is a bogus store, many people will put in a credit card number for the sale, then have second thoughts and back out of it. Well, it doesn’t matter, they have the number, as it was transferred as it was typed.

Another reason hackers love this live data transfer is with social engineering sites. How many passwords do you have? How many times have you entered a password for another site, realized what you did, deleted it and put in the right password for the site? Well, now the hackers have two of your passwords. Or more, depending on how many you type in while your brain is in melt down mode.

Be careful out there, cyber crime is big business now and they are doing everything they can to try to get information out of you.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.