Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: [HV-PAPER] Anti-Phishing Tips You Should Not Follow

From: Michal Zalewski <lcamtuf () dione ids pl>
Date: Fri, 31 Mar 2006 10:24:46 +0200 (CEST)
On Fri, 31 Mar 2006, Jasper Bryant-Greene wrote:


Just as most of the phishing sites already do.

Really? I thought they somehow magically knew enough about you to sign
you in properly and display all the correct details ;)


No, but the reasonable practice would be not to alert the customer (and
have him possibly, say, panic and call the bank in question) - but rather,
display something along the lines of "Thank you for successfully verifying
your Frob Mutual account data. Bye."

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: