[security] How to prevent phishing...
Nat Sakimura
n-sakimura at nri.co.jp
Sat Apr 14 00:17:10 UTC 2007
Hmm.
I do not think this is very useful. More over, since the phrase is sent with
every mail, it is easier for the phisher to get hold of the valid phrase and
construct a site that displays this phrase. In a way, it is making the
problem worse.
Also, I have to note that Passmark type of aid is not very effective as the
root of problem
of the phishing is the social engineering. It is easy to social engineer so
that users are
made to believe that different images shown on the site is OK due to
technical "glitches".
Regards,
=nat
> Date: Fri, 13 Apr 2007 08:17:52 +0200
> From: Johannes Berg <johannes at sipsolutions.net>
> Subject: Re: [security] How to prevent phishing...
> To: gaz_sec at hushmail.com
> Cc: security at openid.net
> Message-ID: <1176445073.7052.51.camel at johannes.berg>
> Content-Type: text/plain; charset="us-ascii"
>
> On Wed, 2007-04-11 at 10:16 +0100, gaz_sec at hushmail.com wrote:
>
> > I've come up with an idea for peventing phishing, I would love to
> > hear everyone's thoughts:-
> > http://www.thespanner.co.uk/2007/04/11/how-to-prevent-phishing/
>
> Btw. myopenid.com does this with a "personal icon"
>
> johannes
More information about the security
mailing list