Originally Posted by
nerd
But, how would I be fooled by the login page presented by Bankofamercia.com?
After I enter my UserID at BofA.com, it then shows me a graphic I'd previously selected, as well as a phrase below it that I'd hand entered. If that doesn't appear, then I know something is wrong.
So is it impossible for a faker to take the UserID from your initial fake login and pass them on to the real BofA behind the scenes and retrieve those to construct the next fake screen that gets sent back to you?