Re: Should phishing termination be only in the real of the for-profit?

["Dude VanWinkle" <dudevanwinkle () gmail com>]

On Dec 14, 2007 11:02 AM, Alex Eckelberry <AlexE () sunbelt-software com> wrote:
> http://weblog.infoworld.com/zeroday/archives/2007/12/dont_be_a_phish.html
>
> While there have been some funny examples of people who have gone to great
> lengths to hoodwink phishers and other online fraudsters -- and some people
> have even turned the pursuit into a [full-time hobby] (link to
> http://www.castlecops.com/), new research shows that playing games with the
> cyber-thieves just might not be a good idea."
>
> My response:
>
> http://sunbeltblog.blogspot.com/2007/12/this-is-not-cool.html

--------------------------------------------

I actually think that you should only visit those sites from a secure
isolated VM/VLAN running FF and NoScript (unless you want to get
infect for analysis purposes, then do it from ff or ie in a private
vlan, but I digress.

On to my point: Putting in swearwords is stupid. If you are going to
try and piss off phishers, but in semi-legitimate information so that
they have to spend the time finding out which cards are real or not.

The best thing I have done is had a card canceled for fraud (alerts
will sound if this card is used) and plugged that into phishing
scammers pages. This way, they may actually get caught...

-JP
> Alex Eckelberry
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.