Jason Holt wrote:
On Mon, 11 Jul 2005, Lance James wrote:
[...]
place to fend off these attacks. Soon phishers will just use the site
itself to phish users, pushing away the dependency on tricking the
user with a "spoofed" or "mirrored" site.
[...]
You dismiss too much with your "just". They already do attack plenty
of sites, but they also phish because it has a larger return on
investment. Security is the process of iteratively strengthening the
weakest links in the chain.
I'm being misunderstood - Cross-User attack concepts specifically is
what I'm referring to. The straight on attacks on sites are definitely a
processed phase within the many attack vectors they are performing, I'm
just making clear that the businesses need to start working on those
weak links.
-Lance
-J
--
Best Regards,
Lance James
Secure Science Corporation
www.securescience.net
Author of 'Phishing Exposed'
http://www.securescience.net/amazon/
Find out how malware is affecting your company: Get a DIA account today!
https://slam.securescience.com/signup.cgi - it's free!
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]