Yahoo adds seal to stop phishing sites

Yahoo is testing a new security feature that allows users to create a coloured seal to distinguish a genuine Yahoo login page from an impostor.

The "sign-in seal" is designed to protect users from phishing websites, fraudulent websites that attempt to trick people into giving up their login and password information.

To create the seal, a Yahoo user must either upload an image or choose a colour and a phrase of up to three words. The seal then appears on any Yahoo login page displayed on that computer, but won't appear on a phishing page masquerading as Yahoo.

Because the seal is linked to a particular computer, it's not meant to be used on public systems, such as those in libraries and internet cafes.

Other websites, such as the Bank of America, have adopted sign-in seals that are displayed after a user signs in. Yahoo said it would link the seal to the computer instead, so that a genuine Yahoo page could beidentified without entering any personal information first.

The sign-in seal is based on cookies, small text files that a website places on an individual computer. The seal doesn't work if cookies are disabled.

Yahoo said the security seal is being offered to a fraction of its users at first, but will be available to all users in the coming weeks.