funsec mailing list archives
Re: The end of Phishing in sight?
From: Valdis.Kletnieks () vt edu
Date: Mon, 17 Oct 2005 16:04:39 -0400
On Mon, 17 Oct 2005 19:06:13 -0000, "Fergie (Paul Ferguson)" said:
Federal regulators will require banks to strengthen security for Internet customers through authentication that goes beyond mere user names and passwords, which have become too easy for criminals to exploit.
It's maybe perhaps the start of something... Most likely, the start of pushing a squishy problem around so it's squishing into someplace else. Remember - the only thing this will stop is phishing for enough info so that the phisher can logon to the bank's website. It doesn't do squat for phishers that snag a credit card number and use that to order a bunch of stuff, or phishers that snag a checking account number and use that to do something devious, or phishers that snag an SSN and use it to... Ah hell.. What percent of the time *do* the phishers turn around and actually login to the bank's website? ;) (I'll bet a large pizza with everything on it that if said rules go through, in the first 6 months we'll see at least one bank will deploy something meeting the rules as written, but still totally vulnerable to a MITM attack).
Attachment:
_bin
Description:
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- Re[4]: The end of Phishing in sight?, (continued)
- Re[4]: The end of Phishing in sight? Pierre Vandevenne (Oct 17)
- Speaking of phishing xyberpix (Oct 18)
- Re: Speaking of phishing Richard Cox (Oct 18)
- Re: Speaking of phishing xyberpix (Oct 19)
- Re: The end of Phishing in sight? Blue Boar (Oct 17)
- Re: The end of Phishing in sight? Justin Mason (Oct 17)
- Re: The end of Phishing in sight? Valdis . Kletnieks (Oct 17)
- Message not available
- Re: The end of Phishing in sight? Douglas F. Calvert (Oct 17)
- Re[2]: The end of Phishing in sight? Pierre Vandevenne (Oct 17)
- Re: Re[2]: The end of Phishing in sight? Douglas F. Calvert (Oct 17)
- Re[4]: The end of Phishing in sight? Pierre Vandevenne (Oct 18)
- RE: Re[4]: The end of Phishing in sight? Aditya Deshmukh (Oct 18)
- Re: The end of Phishing in sight? Nick FitzGerald (Oct 17)
- Re: The end of Phishing in sight? Dave Dennis (Oct 18)
- Re: The end of Phishing in sight? Craig Webster (Oct 18)
- RE: The end of Phishing in sight? Aditya Deshmukh (Oct 18)
- Re: The end of Phishing in sight? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Oct 18)