> [...] bankofamerica won't show that picture to any other computer than the one you were using when you picked the picture. When the phisher logs in from a different computer, it doesn't get that picture and cannot pass it along to you.
And if you requested the correct URL but somehow landed on a bogus site, you will get a message about the certificate being wrong. That's the whole point of certificates. But if they tricked you into going to the wrong site and somehow got their own certificate at that site, there will be no such warning. That's what bankofamerica's login picture is all about, to close that loophole.
Thanks for that.
I've asked the support people at a coupl'a banks about the significance of those security pictures without getting a knowledgeable answer.
