• Home
• Products
• Solutions
• Compliance
• Videos
• Downloads
• Buy
• Contact
• About Us

• Introduction
• Express
• Biometric
• Encryption
• Anti-phishing technology
• Remote Deactivation
• SafeUpdate

Phishing and Man-in -the-Middle attacks

Phishing

Phishing is where cyber criminals use social engineering techniques, designed to fool users, in order to fraudulently extract sensitive information such as user names, passwords and credit card details.
Electronic communications pretending to be from social networking sites, online auctions or banking sites are commonly used to entice unsuspecting users to enter personal details at fake web sites which look and behave just like a legitimate site.
It requires tremendous skills, which are probably beyond the average user, to detect a professional phishing attack and a fraudulent web site and cyber criminals now have access to Universal Man-in-the-middle (MITM)

Phishing Kits which provide a simple-to-use interface allowing a would be phisher to convincingly reproduce web sites and capture log-in details entered at the fake site.

A man-in-the-middle attack (sometimes shortened to MITM) is a form of real time eavesdropping where the cyber criminal creates separate and independent connections between the victims relaying messages which

make them believe that they are talking directly and securely to each other over a private connection.
In reality the entire conversation is being monitored and controlled by the attacker.
The attacker is able to intercept all communications traffic between the two victims and inject new ones.

How SafeTok prevents Man-In-The-Middle attacks.

First of all for SafeTok users all authentication is performed automatically. Not only is this faster and more convenient for the user, its also safer.
SafeTok not only encrypts the authentication information, it also checks where the information will be sent using standard cryptographical techniques. Even if the information is intercepted, no one apart from the

SafeTok authentication server can decrypt it or use it.
The cryptographical methods used by SafeTok to verify the authenticity of the web site cannot be fooled and are mathematically proven.

Should SafeTok detect a Man-In-The-Middle attack it will refuse to provide any authentication data and immediately notify the user together with the administrator of the compromised web page

Email sales@safetok.com for more information.