# If the TAN list is compromised, the user may cancel it by notifying the bank.
However, as any TAN can be used for any transaction, TANs are still prone to [[phishing attacks]] where the victim is tricked into providing both password/PIN and one or several TANs. Further, they provide no protection against [[man-in-the-middle attack]]s, (where an attacker intercepts the transmission of the TAN, and uses it for a forged transaction, such as when the client system becomes compromised by some form of [[Antivirus software|malware]] that enables a [[Hacker (computer security)|malicious user]]. Although the remaining TANs are uncompromised and can be used safely, users are generally advised to take further action, as soon as possible.
Especially when the client system becomes compromised by some form of [[Antivirus software|malware]] that enables a [[Hacker (computer security)|malicious user]], the possibility of an unauthorized transaction is high. Although the remaining TANs are uncompromised and can be used safely, users are generally advised to take an appropriate action, as soon as possible.
