funsec mailing list archives
Re: Nordea Sweden shuts Internet banking due to targeted phishing
From: jm () jmason org (Justin Mason)
Date: Tue, 04 Oct 2005 17:55:05 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Blue Boar writes:
Drsolly wrote:Banks could fix the phishing problem if they had the incentive. It isn't bad enough yet to make them want to fix it.I wonder whether it can be solved. The fundamental problem is that people can be tricked into going to a web site that looks like something they use, and putting in their creds. That's set of people A. You can change the legitimate site such that there is something noticably different about the legitimate site that some people can notice and pay attention to. Call this set of people B. How much intersection is there between sets A and B?
Depends, in my opinion, on the degree of change made to the legit site, and its practices. If they carry on treating the web and email as another marketing channel, with HTML-heavy newsletters sent via SMTP through outsourced mass-mailing companies, it's a lost cause. See: - - John Levine's "Phish or Phair" tests -- good luck telling the "real deal" from the phishes: http://weblog.taugh.com/phish1.html , http://weblog.taugh.com/phish2.html . - - Adam Shostack's _Preserving the Internet Channel Against Phishers_, http://www.homeport.org/~adam/phishing.html , in which he gives 4 simple steps that *will* fix the problem. - --j. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Exmh CVS iD8DBQFDQyRpMJF5cimLx9ARAnNuAJwOL2CWzIuoXBUNiZwgvydPDpDVvQCgsFKX 3CTJDEGWHEca1kD8IhenlJk= =5bCj -----END PGP SIGNATURE----- _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Nordea Sweden shuts Internet banking due to targeted phishing Fergie (Paul Ferguson) (Oct 04)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Florian Weimer (Oct 04)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Dan Kaminsky (Oct 04)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Drsolly (Oct 04)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Blue Boar (Oct 04)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Justin Mason (Oct 04)
- RE: Nordea Sweden shuts Internet banking due to targetedphishing Larry Seltzer (Oct 04)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Blue Boar (Oct 04)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Drsolly (Oct 05)
- RE: Nordea Sweden shuts Internet banking due to targetedphishing Larry Seltzer (Oct 05)
- RE: Nordea Sweden shuts Internet banking due to targetedphishing Drsolly (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targetedphishing Valdis . Kletnieks (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Dan Kaminsky (Oct 04)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Craig Webster (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Drsolly (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Craig Webster (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Drsolly (Oct 05)
- Re: Nordea Sweden shuts Internet banking due to targeted phishing Florian Weimer (Oct 04)