[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3a166c090603311050y14363caaxa97b8ca556773de4@mail.gmail.com>
Date: Fri Mar 31 19:50:56 2006
From: n3td3v at gmail.com (n3td3v)
Subject: RSA HAVE CRACKED PHISHING, NO SERIOUSLY
It was back in 2001 when programs were written to rotate proxies... this is
never a problem for a phisher. Do you think a phisher would really carry out
a world-wide phishing attack, without knowing everything behind the issue?
The guys are going to have a large amount of data to harvest, for experts to
think for a spit second that that was ever going to be done manually is just
beyond me. And the figure of 300 within a phishers data pool is just
laughable as well, it goes way higher than that.
On 3/31/06, Valdis.Kletnieks@...edu <Valdis.Kletnieks@...edu> wrote:
>
> On Fri, 31 Mar 2006 19:06:29 +0100, n3td3v said:
>
> > Check out this article, and I really did spill my hard earned Starbucks
> > right down my front when I looked at this article:
> >
> http://news.com.com/5208-1029-0.html?forumID=1&threadID=15591&messageID=131433&start=3D-1
>
> Given that you allegedly posted that particular response, I take it you
> spilled
> your Starbucks in shock that somebody would claim to be you?
>
> The original article is at
> http://news.com.com/2100-1029-6056317.html?tag=tb
>
> In any case, it's clear that the person who posted that response has *no
> idea*
> how most bank's anti-fraud systems work.
>
> First off, the phishers *can't* just run through all the data they've
> gotten
> in just a few seconds, unless they distributed the work across a bunch of
> botnet
> zombies - hits for more than a few dozen different accounts from the same
> IP
> in the same timespan are suspicious at the very least.
>
> Secondly, the phishers can currently usually be sure that the victims have
> given them reasonably good data (unless the victim is a dweeb who can't
> enter
> their DoB or account number correctly). On the other hand, if the phished
> data
> has been polluted by 90% bad data, then only 1 of 10 attempted
> transactions
> will succeed - and the fact that they're trying lots of different bad data
> will
> again hopefully trigger an alert. If you only succeed every 10th time,
> and you
> get locked out after 3 attempts with different bad data, it's going to
> take you
> a lot longer to figure out which ones are good and which ones are bad....
>
>
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20060331/6de4c9ac/attachment.html
Powered by blists - more mailing lists