Your borders are secured with firewalls and secure email boundary appliances. You’ve armed end-users with local firewalls. You make sure every node on the network’s automatically upgraded. You’ve even given users extensive spam/scam/phishing training. You’re totally unphishable, right?

Wrong. Every browser on your net is easily phishable… including yours: Internet Explorer, Mozilla, Firefox, Opera, Konqueror, Safari or Netscape.

Of course, you need proof. That’s why Secunia built a test page.

Here’s how it works: You have several browser windows open. In one window, you visit an untrusted site. You open another window to visit your bank, and click the login screen. The login window pops up. You type in your user name and password, and presto! You hand over your bank account to the mob.

Experts claim the phishing code is really easy to write.

Currently, there is one and only one way to protect yourself. Before you go to a website that requires a user name and password, close all other browser windows.

Add this one to the top of your user-training list.