Not being a programmer, I would like to see a small program that can set up secure favorites/bookmarks for banking and other financial transactions. It should be capable of setting up the secure (https) favorites/bookmarks for both banks and shopping sites.
For banks it would need to do the following:
1. locate and verify the genuine website of the bank/financial institution, possibly using a technique like the Hinson Tip at
http://www.noticebor.../phishing_alert.html. The user would only have to input the name of the bank or financial institution.
2. prompt the user to log in, verify that the following page is an https page, and then click a link to another https page.
3. Automatically bookmark (add to favorites) the page in 2. above with the name of the bank and an indicator that the site is secure. Example: Bank of America - SECURE
For shopping sites
1. Visit the web site and go through the process to do a test purchase.
2. When the program arrives at the payment options page, verify that it is secure. 3. Then bookmark or add that https page to favorites with an indicator that the page is secure. Example: AMAZON.COM - SECURE
The program would also need to stress that users should use ONLY SECURE book marks/favorites to access all sites where they conduct any kind of financial transactions.
My rationale for this is that the main way people get phished is by getting tricked into clicking links in email, on web sites and in Instant Messages, etc. Another way they can get phished is by DNS poisoning.
Right now the security industry expends its efforts in telling people how to recognize fake web sites and fake email, etc. A program like this would focus on getting users to the correct web site where they will not get phished, and they can stop wasting their time reading about fake this and fake that. Of course setting up secure bookmarks/favorites can be easily done manually by most users, but having a program that "does it for them" might even lure some of the gullible into actually using it.
