Full Disclosure mailing list archives
Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY
From: Nancy Kramer <nekramer () mindtheater net>
Date: Sat, 01 Apr 2006 01:02:54 -0500
While I have no idea if what RSA is doing works or not but I have noticed the absence of phishing emails in my in box in the last few days. I used to get maybe half a dozen or more a day since I don't run spam filters. Not a one in the last two days. The Ebay and Paypal emails seemed to stop first. Now even the ones for banks I have never heard of are no longer coming in.
There must be a reason for this. Maybe the phishers decided to take a vacation.
Regards, Nancy Kramer Webmaster http://www.americandreamcars.com Free Color Picture Ads for Collector Cars One of the Ten Best Places To Buy or Sell a Collector Car on the Web At 01:20 PM 3/31/2006, Valdis.Kletnieks () vt edu wrote:
On Fri, 31 Mar 2006 19:06:29 +0100, n3td3v said: > Check out this article, and I really did spill my hard earned Starbucks > right down my front when I looked at this article:> http://news.com.com/5208-1029-0.html?forumID=1&threadID=15591&messageID=131433&start=3D-1Given that you allegedly posted that particular response, I take it you spilledyour Starbucks in shock that somebody would claim to be you? The original article is at http://news.com.com/2100-1029-6056317.html?tag=tb In any case, it's clear that the person who posted that response has *no idea* how most bank's anti-fraud systems work. First off, the phishers *can't* just run through all the data they've gottenin just a few seconds, unless they distributed the work across a bunch of botnetzombies - hits for more than a few dozen different accounts from the same IP in the same timespan are suspicious at the very least. Secondly, the phishers can currently usually be sure that the victims have given them reasonably good data (unless the victim is a dweeb who can't entertheir DoB or account number correctly). On the other hand, if the phished datahas been polluted by 90% bad data, then only 1 of 10 attempted transactionswill succeed - and the fact that they're trying lots of different bad data will again hopefully trigger an alert. If you only succeed every 10th time, and you get locked out after 3 attempts with different bad data, it's going to take youa lot longer to figure out which ones are good and which ones are bad.... _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.1.385 / Virus Database: 268.3.2/294 - Release Date: 3/27/2006
-- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.1.385 / Virus Database: 268.3.4/299 - Release Date: 3/31/2006 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RSA HAVE CRACKED PHISHING, NO SERIOUSLY n3td3v (Mar 31)
- Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY Valdis . Kletnieks (Mar 31)
- Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY n3td3v (Mar 31)
- Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY n3td3v (Mar 31)
- Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY Nancy Kramer (Mar 31)
- Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY n3td3v (Mar 31)
- Message not available
- Re: Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY n3td3v (Mar 31)
- RE: Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY php0t (Mar 31)
- Re: Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY n3td3v (Mar 31)
- RE: Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY php0t (Mar 31)
- Re: Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY n3td3v (Mar 31)
- Message not available
- Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY Valdis . Kletnieks (Mar 31)
- <Possible follow-ups>
- Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY ducki3 (Mar 31)
- Re: Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY Steven (Mar 31)
- Re: Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY n3td3v (Mar 31)
- Re: Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY n3td3v (Mar 31)
- Re: Re: RSA HAVE CRACKED PHISHING, NO SERIOUSLY Steven (Mar 31)