[funsec] The solution to Phishing
Jeff Rosowski
rosowskij at ie.ymp.gov
Mon Oct 24 15:04:46 CDT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> The banks should send out bogus messages just like a real phishing attack
> and set up a bogus web site that looks just like their real one. If a
> customer logs into that site from the phishing e-mail, their internet
> banking privledges are revoked for 30 days. If it happens again, their
> internet privledges are revoked completely.
>
> Done and dusted... Kinda like darwinism with a second chance on life ;-)
How about we just ship everyone who falls for a phishing scam off to some
uninhabited island somewhere.
But really, I think requiring users to use a public/private key system to
secure all financial transactions would be a good step in the right
direction. Though I also see users easily being fooled into screwing up
even that. So who knows.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (FreeBSD)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQFDXT5hTs2s3OoD6D8RAvjoAJ4xxMW2HP6+N1+8FtWT/nninKDX3ACeMkgl
RF50G9EopqLJXo5ZnuTGAZ4=
=TBL0
-----END PGP SIGNATURE-----
More information about the funsec
mailing list