funsec mailing list archives

Re: The end of Phishing in sight?

From: Dave Dennis <dmd () speakeasy org>
Date: Mon, 17 Oct 2005 14:44:57 -0700 (PDT)

Question for the technical types on the list --

Since most / all phishes pull graphics from deep links in the site
they are spoofing ..

and since apache (and I think IIS too?) can prevent easily so called
'deep-linking' from their site, or ACL at the gateway only approved
server ip to link to their image stores...

Why do the major financial institutions and other companies falling
prey to phishing simply not allow deep-linking of their images and
pages?

Would this not solve a majority of phish mails, at least require the
bad guys to build a whole page by hand themselves, rather than pull
handy graphics from the spoofed site.. ?


+-------------------------
+ Dave Dennis
+ Seattle, WA
+ Speakeasy, Inc.
+ dmd () speakeasy net
+ http://www.speakeasy.net
+-------------------------
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Re: The end of Phishing in sight?, (continued)
- - - Re: The end of Phishing in sight? Valdis . Kletnieks (Oct 17)
    - Message not available
    - Re: The end of Phishing in sight? Douglas F. Calvert (Oct 17)
    - Re: The end of Phishing in sight? Nick FitzGerald (Oct 17)
- Re: The end of Phishing in sight? Valdis . Kletnieks (Oct 17)
  - Re[2]: The end of Phishing in sight? Pierre Vandevenne (Oct 17)
    - Re: Re[2]: The end of Phishing in sight? Douglas F. Calvert (Oct 17)
    - Re[4]: The end of Phishing in sight? Pierre Vandevenne (Oct 18)
    - RE: Re[4]: The end of Phishing in sight? Aditya Deshmukh (Oct 18)
- Re: The end of Phishing in sight? Jim Murray (Oct 17)
  - Re: The end of Phishing in sight? Nick FitzGerald (Oct 17)
    - Re: The end of Phishing in sight? Dave Dennis (Oct 18)
    - Re: The end of Phishing in sight? Craig Webster (Oct 18)
    - RE: The end of Phishing in sight? Aditya Deshmukh (Oct 18)
    - Re: The end of Phishing in sight? Rob, grandpa of Ryan, Trevor, Devon & Hannah (Oct 18)
    - Re: The end of Phishing in sight? Blue Boar (Oct 18)
- Re: The end of Phishing in sight? Blue Boar (Oct 17)
- Re: The end of Phishing in sight? Dave Dittrich (Oct 17)
  - RE: The end of Phishing in sight? Richard M. Smith (Oct 17)
    - RE: The end of Phishing in sight? Nick FitzGerald (Oct 17)
    - Re: The end of Phishing in sight? Tom Van Vleck (Oct 17)
  - Re[2]: The end of Phishing in sight? Pierre Vandevenne (Oct 17)

(Thread continues...)