funsec mailing list archives
Re: The solution to Phishing
From: Drsolly <drsollyp () drsolly com>
Date: Mon, 24 Oct 2005 22:33:28 +0100 (BST)
On Mon, 24 Oct 2005, Jim Murray wrote:
Blanchard_Michael () emc com wrote:The banks should send out bogus messages just like a real phishing attack and set up a bogus web site that looks just like their real one. If a customer logs into that site from the phishing e-mail, their internet banking privledges are revoked for 30 days. If it happens again, their internet privledges are revoked completely. Done and dusted... Kinda like darwinism with a second chance on life ;-)No, no... treble bank charges for 6 months, a £250.00 'administration' penalty for changing their login details and an increas in the interest rate on borrowing for 6 months to cover potential losses due to user stupidity. THAT would soon stop phishing!
There has *always* been a tax on stupidity, and there has *never* been a shortage of stupidity. Taxes won't deal with phishing. All you have to do, is design a user-proof system, so that no matter what info the user gives to a phish, it can't be used for operating the user's account. This would cost a dollar per user, and reduce phishing losses for the participating banks to zero. The question in my mind, is "Why aren't any banks doing it?" _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re: The solution to Phishing, (continued)
- Re: The solution to Phishing Craig Webster (Oct 24)
- Re: The solution to Phishing Nick FitzGerald (Oct 24)
- Re: The solution to Phishing Drsolly (Oct 25)
- Re: The solution to Phishing Nick FitzGerald (Oct 25)
- Re: The solution to Phishing Drsolly (Oct 25)
- Re: The solution to Phishing Nick FitzGerald (Oct 25)
- RE: The solution to Phishing Aditya Deshmukh (Oct 25)
- Re: The solution to Phishing Nick FitzGerald (Oct 24)
- Re: The solution to Phishing Craig Webster (Oct 24)
- Re: The solution to Phishing Drsolly (Oct 24)
- Re: The solution to Phishing Jim Murray (Oct 24)