Jason Holt wrote:
On Mon, 11 Jul 2005, Lance James wrote:
[...]
place to fend off these attacks. Soon phishers will just use the site
itself to phish users, pushing away the dependency on tricking the
user with a "spoofed" or "mirrored" site.
[...]
You dismiss too much with your "just".
--
Adam Fields <[EMAIL PROTECTED]>
> But it's so much worse than that. Not only is there no
> standard behavior, the credit companies themselves
> have seemingly gone out of their way to make it
> impossible for there to be any potential for a
> standard.
Widely shared secrets are inherently
On Mon, 11 Jul 2005, Lance James wrote:
[...]
place to fend off these attacks. Soon phishers will just use the site itself
to phish users, pushing away the dependency on tricking the user with a
"spoofed" or "mirrored" site.
[...]
You dismiss too much with your "just". They already do attack
Jason Holt wrote:
I remember the first time a site asked for the number on the back of
my credit card. It was a Walmart or Amazon purchase, and with no
warning they redirected me to some site with a questionable domain. I
thought for sure my session was being hijacked, and my bank had given
On Mon, Jul 11, 2005 at 09:37:36PM +, Jason Holt wrote:
> I remember the first time a site asked for the number on the back of my
> credit card. It was a Walmart or Amazon purchase, and with no warning they
> redirected me to some site with a questionable domain. I thought for sure
> my ses