Coming to this a few months late provides some... interesting
perspective.
On 24 Apr 2012, xTrade Assessory uttered the following:
Martin Gregorie wrote:
But back to banking? In the UK, anyway, you don't need to be either
intelligent or have any industry qualifications to run a bank. Back in
On Wed, 2012-04-25 at 00:08 +0100, RW wrote:
On Tue, 24 Apr 2012 15:23:28 +0100
Martin Gregorie wrote:
On Tue, 2012-04-24 at 14:25 +0100, RW wrote:
On Mon, 23 Apr 2012 01:20:13 -0300
xTrade Assessory wrote:
no serious bank, as any other serious company, would ever send out
On Mon, 23 Apr 2012 01:20:13 -0300
xTrade Assessory wrote:
no serious bank, as any other serious company, would ever send out
emails asking for user details
the user who believes that is either incredibly ingenious or incredibly
stupid, so: happy clicking
I don't think it's all that stupid
On Tue, 2012-04-24 at 14:25 +0100, RW wrote:
On Mon, 23 Apr 2012 01:20:13 -0300
xTrade Assessory wrote:
no serious bank, as any other serious company, would ever send out
emails asking for user details
the user who believes that is either incredibly ingenious or incredibly
stupid,
On 24/04/12 15:23, Martin Gregorie wrote:
My bank says up front and in writing that they will never ask for
account or login details by e-mail. I suggest moving your account away
from any bank that doesn't have the same policy and stick to it. Make
sure you tell them why you're leaving, though.
Martin Gregorie wrote:
On Tue, 2012-04-24 at 14:25 +0100, RW wrote:
On Mon, 23 Apr 2012 01:20:13 -0300
xTrade Assessory wrote:
no serious bank, as any other serious company, would ever send out
emails asking for user details
the user who believes that is either incredibly ingenious or
On Tue, 24 Apr 2012 15:23:28 +0100
Martin Gregorie wrote:
On Tue, 2012-04-24 at 14:25 +0100, RW wrote:
On Mon, 23 Apr 2012 01:20:13 -0300
xTrade Assessory wrote:
no serious bank, as any other serious company, would ever send out
emails asking for user details
the user who
On 4/22/2012 8:31 PM, haman...@t-online.de wrote:
a) phishers would probably move to hosting their own copies of the logos
Yup. However, spammers haven't completely adapted to greylisting, and
still spam from SBL/ZEN listed IPs, so perhaps this would catch some of
the low-hanging fruit?
Dave Warren wrote:
b) some users of image resizers would see the warning sign reduced
(I recently had someone complain about an error on our google maps
"our office is here" page, and it turned out the visitor was using a
smartphone via an image resize service)
Were you tripping on a lack
On 4/23/2012 4:41 AM, haman...@t-online.de wrote:
Now thinking about the bank situation: the bank's webserver would see a request
from the resizing service, but it is up to the resizer to behave like a
real browser, or a proper http proxy
That's basically what I'm thinking. If the service
On 2012-04-24 03:46, Dave Warren wrote:
It's only when there's an incorrect referrer that you can assume the
request isn't legitimate and you should return something different.
or banks care to send the image over https protocol not just http
Whether you do this immediately or have someone
OT but related
I just got a bunch of phishing attacks against a bank come through.
Following the link leads me to some owned website with the fake bank
frontend - and it had a feature that I've seen time and time again:
images and links from the real banksite
Why don't banks rub two braincells
On Mon, 2012-04-23 at 14:40 +1200, Jason Haar wrote:
OT but related
I just got a bunch of phishing attacks against a bank come through.
Following the link leads me to some owned website with the fake bank
frontend - and it had a feature that I've seen time and time again:
images and links
On Sun, Apr 22, 2012 at 10:40 PM, Jason Haar jason_h...@trimble.com wrote:
OT but related
I just got a bunch of phishing attacks against a bank come through.
Following the link leads me to some owned website with the fake bank
frontend - and it had a feature that I've seen time and time
OT but related
I just got a bunch of phishing attacks against a bank come through.
Following the link leads me to some owned website with the fake bank
frontend - and it had a feature that I've seen time and time again:
images and links from the real banksite
Why don't banks rub two
On 04/23/2012 06:40 AM, Jason Haar wrote:
OT but related
I just got a bunch of phishing attacks against a bank come through.
Following the link leads me to some owned website with the fake bank
frontend - and it had a feature that I've seen time and time again:
images and links from the
Jason Haar wrote:
OT but related
I just got a bunch of phishing attacks against a bank come through.
Following the link leads me to some owned website with the fake bank
frontend - and it had a feature that I've seen time and time again:
images and links from the real banksite
Why don't
Philip Prindeville wrote:
What about flagging HTML that has:
a href=.* onMouseOver=window.status
I.e. any links that attempt to intercept onMouseOver events and override
the status window should be flagged as suspect...
-Philip
Actually, this seems to work:
rawbody L_PHISH
Philip Prindeville wrote:
Actually, this seems to work:
rawbody L_PHISH /[aA] [hH][rR][eE][fF]=.* (onMouseOver|onMouseMouse)=window\.status=/
describe L_PHISH Test for PHISH overwrites the status bar
score L_PHISH 6.0
I suppose I could beef it
Kelson wrote:
Philip Prindeville wrote:
Actually, this seems to work:
rawbody L_PHISH /[aA] [hH][rR][eE][fF]=.* (onMouseOver|onMouseMouse)=window\.status=/
describe L_PHISH Test for PHISH overwrites the status bar
score L_PHISH 6.0
I suppose I
What about flagging HTML that has:
a href=.* onMouseOver=window.status
I.e. any links that attempt to intercept onMouseOver events and override
the status window should be flagged as suspect...
That would be nice, but spammers learned long ago (after I wrote rules for
those things) that all
On Thu, Mar 09, 2006 at 09:38:57PM -0800, Loren Wilton wrote:
That would be nice, but spammers learned long ago (after I wrote rules for
those things) that all you need to do is break the html over two lines and
SA can't catch it, because rawbody can only work on one line at a time.
Just to
22 matches