from: The SANS Institute [NewsBites@sans.org]
(13 & 10 July 2006)
Phishers are targeting Citibank Citibusiness customers with a man-in-the-middle attack that exploits people's trust in two-factor authentication. The scheme, if successful, would provide the phishers with Citibank Citibusiness customers' names and passwords in addition to the temporary passwords generated by their security tokens. The phony site passes the information customers enter on to the legitimate site to check whether it is authentic. In a real-time attack scenario, the temporary passwords could be used before they expire. The phony site has reportedly been shut down.
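The server-side view of why a token code stays usable until it expires, as an added example that is not part of the newsletter: a verifier checks only the code against the clock, so the first submission inside the validity window is accepted whoever sends it. It assumes RFC 6238-style time-based codes with a 30-second step (the item does not say which token type was involved); `totp`, `Verifier`, `demo` and all sample values are constructed for illustration.

```python
import hashlib
import hmac
import struct

STEP = 30  # assumed validity window in seconds; the item gives no figure


def totp(secret: bytes, now: float, digits: int = 6) -> str:
    """RFC 6238 code (HMAC-SHA1) for the time step that contains `now`."""
    counter = struct.pack(">Q", int(now // STEP))
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


class Verifier:
    """Accepts the code for the current step, at most once per step."""

    def __init__(self, secret: bytes):
        self.secret = secret
        self.last_used_step = -1

    def verify(self, code: str, now: float) -> bool:
        step = int(now // STEP)
        if step <= self.last_used_step:
            return False                         # this step's code was already used
        if not hmac.compare_digest(code, totp(self.secret, now)):
            return False                         # wrong or expired code
        self.last_used_step = step
        return True


def demo() -> dict:
    secret = b"constructed-demo-secret"          # constructed sample secret
    t0 = 1_152_748_800.0                         # constructed timestamp on a step boundary
    code = totp(secret, t0)                      # what the customer reads off the token

    bank = Verifier(secret)
    results = {
        # The code reaches the real site 5 s later via some other party:
        # the verifier sees only code and clock, so it is accepted.
        "forwarded_within_window": bank.verify(code, t0 + 5),
        # The customer's own later submission of the same code is refused.
        "second_use_same_window": bank.verify(code, t0 + 10),
    }
    # A fresh verifier shows that the same code fails once the step has passed.
    results["after_expiry"] = Verifier(secret).verify(code, t0 + STEP + 1)
    return results


if __name__ == "__main__":
    print(demo())
```

Single-use tracking and a short window limit later reuse of a captured code, but neither distinguishes the customer from whoever submits the code first.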