Comment Re:One-time pads (Score 1) 284
- Attacker posts the malicious transfer form and performs the query to tell the bank to send out a text message.
- Attacker displays a fake copy of the verification form where you are supposed to enter the info from the text message.
- You read the text message, especially the part describing a $20,000 transfer to Zurich.
- You don't enter the verification code.
Fixed that for you.