I disagree - this is a good idea, and it REALLY DO WORKS (have been tested
on hackers, with great success).
Moreover, it is not a problem to catch this fishers/phishers... issue 1,000
special credit cards, send their data to this site, and trace who and how
will use them. Or just intersect
I received a few messages as well, one with US Bank, which I don't
have an account with, and they both had images attached. The image
was displayed, without any external connection.
As far as fighting abuse with abuse, it's not *always* a bad idea. If
the databases are filled with bad entries,
I'm thinking that Citibank will cease to be a target if they give (ok,
it's a bank - sell) their subscribers a hardware token that requires
presence of the ATM card when the customer wants to use online banking
facilities... as several banks here in the Netherlands do.
This is a social
Alexei Roudnev wrote:
Why don't write out a generator of credit cards / pins and flood out this
site by false information?
(I saw a few better examples, btw).
Because fighting abuse with abuse is never a good idea?
Pete
I wonder if the banks have ever considered how they have
contributed to the problem. If their pages were straight
up, no pop-up's, no JavaVirus, etc it would be far easier
to tell their customers:
==
Here is what our page
The mail originated from 68.77.56.130 (an ameritech.net DSL connection,
right now not pingable) and loads some images from www.citibank.com.
It links to http://61.128.198.51/Confirm/ - an IP address hosted by
Chinanet (transit to there supplied by Savvis from my point of view).
It's a 1 line rule
On Tue, 17 Aug 2004, Eric Kuhnke wrote:
It's a 1 line rule with mod_rewrite and apache to block
nonexistant or off-site http referers attempting to display
GIF/JPG/PNG images... Sometimes I wonder why Citibank,
Paypal and others don't do this. It would cut down on the
displayed
I wonder if the banks have ever considered how they have
contributed to the problem. If their pages were straight
up, no pop-up's, no JavaVirus, etc it would be far easier
to tell their customers:
==
Here is what our page
On Tue, 17 Aug 2004 08:05:41 -0400 (EDT)
David Lesher [EMAIL PROTECTED] wrote:
| I wonder if the banks have ever considered how they have contributed
| to the problem. If their pages were straight up, no pop-up's, no
| JavaVirus, etc it would be far easier to tell their customers:
|
|
On Tue, 17 Aug 2004 [EMAIL PROTECTED] wrote:
Barclays also uses a memorable word in addition to
the PIN code. They repeatedly tell us that no-one
from Barclays will ever ask us to reveal this
memorable word. It's only use is for a simple
challenge-response where the website asks for
two specific
On Tue, 17 Aug 2004, Eric Kuhnke wrote:
The mail originated from 68.77.56.130 (an ameritech.net DSL connection,
right now not pingable) and loads some images from www.citibank.com.
It links to http://61.128.198.51/Confirm/ - an IP address hosted by
Chinanet (transit to there supplied by
TW Date: Tue, 17 Aug 2004 09:06:30 -0400 (EDT)
TW From: Tim Wilde
TW Because many (broken) browsers/proxies/firewalls/etc block
TW or forge referrer headers for security and they'd quadruple
TW their tech support load with all their idiot customers using
TW Norton Internet Security or other
Edward B. Dreger wrote:
Ughh. Some security products cause more trouble than they
solve. Norton Internet Security is obnoxious enough to filter
ads by nuking graphics based on pixel dimensions. (After having
to alter some sites to get around this, we have a much harder
time recommending
Speaking of computers fubar'ed by spyware, I just found a particularly
nice example of a phishing attempt. SpamAssassin had tagged it with the
astronomical score of 136.3 thanks to SARE.
The mail originated from 68.77.56.130 (an ameritech.net DSL connection,
right now not pingable) and loads
How strange, I received that in my email too..
-Henry
--- Niels Bakker [EMAIL PROTECTED] wrote:
Speaking of computers fubar'ed by spyware, I just
found a particularly
nice example of a phishing attempt. SpamAssassin
had tagged it with the
astronomical score of 136.3 thanks to SARE.
On Mon, 16 Aug 2004, Niels Bakker wrote:
It's disheartening to see that this website is still online after
several days (I received the scam mail received Friday morning).
out of curiosity, you did send in a complaint to CitiBank's proper alias
for spoofing/phishing/blah, and a followup to
Christopher L. Morrow wrote:
On Mon, 16 Aug 2004, Niels Bakker wrote:
It's disheartening to see that this website is still online after
several days (I received the scam mail received Friday morning).
out of curiosity, you did send in a complaint to CitiBank's proper alias
for
: WashingtonPost computer security stories)
Speaking of computers fubar'ed by spyware, I just found a particularly
nice example of a phishing attempt. SpamAssassin had tagged it with the
astronomical score of 136.3 thanks to SARE.
The mail originated from 68.77.56.130 (an ameritech.net DSL
18 matches
Mail list logo
