Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY

[Nancy Kramer <nekramer () mindtheater net>]

While I have no idea if what RSA is doing works or not but I have noticed 
the absence of  phishing emails in my in box in the last few days.  I used 
to get maybe half a dozen or more a day since I don't run spam filters. Not 
a one in the last two days.  The Ebay and Paypal emails seemed to stop 
first.  Now even the ones for banks I have never heard of are no longer 
coming in.

There must be a reason for this.  Maybe the phishers decided to take a 
vacation.

Regards,

Nancy Kramer
Webmaster http://www.americandreamcars.com
Free Color Picture Ads for Collector Cars
One of the Ten Best Places To Buy or Sell a Collector Car on the Web




At 01:20 PM 3/31/2006, Valdis.Kletnieks () vt edu wrote:

> On Fri, 31 Mar 2006 19:06:29 +0100, n3td3v said:
>
> > Check out this article, and I really did spill my hard earned Starbucks
> > right down my front when I looked at this article:
> > 
> http://news.com.com/5208-1029-0.html?forumID=1&threadID=15591&messageID=131433&start=3D-1
>
> Given that you allegedly posted that particular response, I take it you 
> spilled
> your Starbucks in shock that somebody would claim to be you?
>
> The original article is at http://news.com.com/2100-1029-6056317.html?tag=tb
>
> In any case, it's clear that the person who posted that response has *no idea*
> how most bank's anti-fraud systems work.
>
> First off, the phishers *can't* just run through all the data they've gotten
> in just a few seconds, unless they distributed the work across a bunch of 
> botnet
> zombies - hits for more than a few dozen different accounts from the same IP
> in the same timespan are suspicious at the very least.
>
> Secondly, the phishers can currently usually be sure that the victims have
> given them reasonably good data (unless the victim is a dweeb who can't enter
> their DoB or account number correctly).  On the other hand, if the phished 
> data
> has been polluted by 90% bad data, then only 1 of 10 attempted transactions
> will succeed - and the fact that they're trying lots of different bad data 
> will
> again hopefully trigger an alert.  If you only succeed every 10th time, 
> and you
> get locked out after 3 attempts with different bad data, it's going to 
> take you
> a lot longer to figure out which ones are good and which ones are bad....
>
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
>
> No virus found in this incoming message.
> Checked by AVG Anti-Virus.
> Version: 7.1.385 / Virus Database: 268.3.2/294 - Release Date: 3/27/2006


--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.1.385 / Virus Database: 268.3.4/299 - Release Date: 3/31/2006


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/