Beware bank website dangers

Researchers from the University Michigan have conducted a study of the websites of 214 banks, and found design flaws in 76 percent of them that could potentially put the customers at risk.

The research didn't find vulnerabilities in the websites themselves. Instead, it found that many banks redirect users to insure third-party sites with supposedly secure login boxes that often rely on Social Security numbers or email addresses as default names.

The study said use of this information on the insured third-party sites could make it easy for an outsiders to figure out the codes and steal personal data.

"We want banks to make the right decisions so people who are trying to be careful can do online banking securely," said lead researcher, Atul Prakash, a professor of computer science and engineering. The study said even careful customers could fall victim to a "phishing" scam if they enter personal information on a site that does not belong to their bank.

For more on this study:
- see Finextra.com article