Quote:
Originally Posted by Donkey Punch
When you go to sign up for a sponsor and you're filling in all of your information that a ID thief would want, do you get a little iffy when the sponsors join form isn't Secure Socket Layer (HTTPS) ?
I know that I see this scenario quite frequently. What are your thoughts?
|
Hackers can sniff your credentials and change your payment info in affiliate area?
I think NATS should change this ...
Most of the sponsors still have clear text affiliate ID in URL and that is vulnerable at brute force http attacks.
If you have 100 of sponsors that it is a problem ...but if you have two, it is not
