[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <6.0.1.1.2.20060401005909.04256d50@mail.mindtheater.net>
Date: Sat Apr 1 06:20:18 2006
From: nekramer at mindtheater.net (Nancy Kramer)
Subject: RSA HAVE CRACKED PHISHING, NO SERIOUSLY
While I have no idea if what RSA is doing works or not but I have noticed
the absence of phishing emails in my in box in the last few days. I used
to get maybe half a dozen or more a day since I don't run spam filters. Not
a one in the last two days. The Ebay and Paypal emails seemed to stop
first. Now even the ones for banks I have never heard of are no longer
coming in.
There must be a reason for this. Maybe the phishers decided to take a
vacation.
Regards,
Nancy Kramer
Webmaster http://www.americandreamcars.com
Free Color Picture Ads for Collector Cars
One of the Ten Best Places To Buy or Sell a Collector Car on the Web
At 01:20 PM 3/31/2006, Valdis.Kletnieks@...edu wrote:
>On Fri, 31 Mar 2006 19:06:29 +0100, n3td3v said:
>
> > Check out this article, and I really did spill my hard earned Starbucks
> > right down my front when I looked at this article:
> >
> http://news.com.com/5208-1029-0.html?forumID=1&threadID=15591&messageID=131433&start=3D-1
>
>Given that you allegedly posted that particular response, I take it you
>spilled
>your Starbucks in shock that somebody would claim to be you?
>
>The original article is at http://news.com.com/2100-1029-6056317.html?tag=tb
>
>In any case, it's clear that the person who posted that response has *no idea*
>how most bank's anti-fraud systems work.
>
>First off, the phishers *can't* just run through all the data they've gotten
>in just a few seconds, unless they distributed the work across a bunch of
>botnet
>zombies - hits for more than a few dozen different accounts from the same IP
>in the same timespan are suspicious at the very least.
>
>Secondly, the phishers can currently usually be sure that the victims have
>given them reasonably good data (unless the victim is a dweeb who can't enter
>their DoB or account number correctly). On the other hand, if the phished
>data
>has been polluted by 90% bad data, then only 1 of 10 attempted transactions
>will succeed - and the fact that they're trying lots of different bad data
>will
>again hopefully trigger an alert. If you only succeed every 10th time,
>and you
>get locked out after 3 attempts with different bad data, it's going to
>take you
>a lot longer to figure out which ones are good and which ones are bad....
>
>
>
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>Hosted and sponsored by Secunia - http://secunia.com/
>
>No virus found in this incoming message.
>Checked by AVG Anti-Virus.
>Version: 7.1.385 / Virus Database: 268.3.2/294 - Release Date: 3/27/2006
--
No virus found in this outgoing message.
Checked by AVG Anti-Virus.
Version: 7.1.385 / Virus Database: 268.3.4/299 - Release Date: 3/31/2006
Powered by blists - more mailing lists