Penetration Testing mailing list archives

Re: Online Fraud Protection

From: Umut Inetas <inetasumut () yahoo com>
Date: Sun, 25 Jun 2006 23:34:59 -0700 (PDT)

No,there is nothing with asking our customers to having MS-OS...
When i said " We are going to advance MS new operating system (Vista) and IE7 in a near future" i meant that we will 
deploy Vista and will have MS as a partner and thats why we want to participate in reporting to Microsoft.
As you know MS is gathering data by using Microsoft SpyNet and somehow like this we want to report MS.
By the way,"XSS-Phishing on Financial Sites" article is good.
But are there anyone who have actual suggestions on this case? Or do i have to just rely on our vendors??

----- Original Message ----
From: Adviser <theadviser () gmail com>
To: Umut Inetas <inetasumut () yahoo com>; pen-test () securityfocus com
Sent: Saturday, June 24, 2006 8:57:37 PM
Subject: Re: Online Fraud Protection

Apologies if i haven't understood your question .... Are you saying that you 
are going to ask all you customers to have Vista + IE 7???????

Regards
Syed
----- Original Message ----- 
From: "Umut Inetas" <inetasumut () yahoo com>
To: <pen-test () securityfocus com>
Sent: Friday, June 23, 2006 11:36 AM
Subject: Online Fraud Protection

   Hi All;
I've been reading e-mails on this site for a couple of years and it helped 
me so much,thanks all the people who keep this lists alive.
Now i'm working for a banking comp. and we are planning deployment of 
anti-phising and anti-fraud services for our company.
As the specified needs are:
Scanning and reporting dns domain names, e-mail content, brands in web 
sites, company names and ssl certificates which are fraud or not.
 Taking precautions for  fraud and phising sites  We are going to advance 
MS new operating system (Vista) and IE7 in a near future and we have 
Microsoft as partner; we will need reporting to Microsoft for Microsoft's 
anti-phishing add-on filter or IE7's integrated anti-phishing filter to 
prevent people accessing detected fraud sites automatically.
There are some vendors which proposed us some solutions but we haven't 
decided yet.
As you are IT security pro. what is your advice about this case? Have you 
ever tested,pen-tested or experienced this kind of anti-fraud services?
Thanks in advance...


------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the 
Analyst's
Choice Award from eWeek. As attacks through web applications continue to 
rise,
you need to proactively protect your applications from hackers. Cenzic has 
the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with 
a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------



------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------





------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security? 
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's 
Choice Award from eWeek. As attacks through web applications continue to rise, 
you need to proactively protect your applications from hackers. Cenzic has the 
most comprehensive solutions to meet your application security penetration 
testing and vulnerability management needs. You have an option to go with a 
managed service (Cenzic ClickToSecure) or an enterprise software 
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can 
help you: http://www.cenzic.com/news_events/wpappsec.php 
And, now for a limited time we can do a FREE audit for you to confirm your 
results from other product. Contact us at request () cenzic com for details.
------------------------------------------------------------------------------

Current thread:

Online Fraud Protection Umut Inetas (Jun 23)
- Re: Online Fraud Protection Adviser (Jun 25)
  - Re: Online Fraud Protection Umut Inetas (Jun 26)
- <Possible follow-ups>
- RE: Online Fraud Protection Craig Wright (Jun 25)
- Re: RE: Online Fraud Protection josh . perrymon (Jun 26)
  - books sifo (Jun 26)
    - Re: books Vinod Gadgoli (Jun 27)
    - Re: books Francisco Pecorella (Jun 27)
    - RE: books Warbeck, Mark (Jun 27)
    - RE: books david (Jun 27)
    - Message not available
    - Re: books US Infosec (Jun 27)
    - Re: books sifo (Jun 28)
    - Re: books[Scanned] Davie Elliott - Eluse (Jun 27)

(Thread continues...)