[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow

To: Jasper Bryant-Greene <jasper@xxxxxxxxxxx>
Subject: Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow
From: Michal Zalewski <lcamtuf@xxxxxxxxxxxx>
Date: Fri, 31 Mar 2006 10:24:46 +0200 (CEST)

On Fri, 31 Mar 2006, Jasper Bryant-Greene wrote:

>> Just as most of the phishing sites already do.
> Really? I thought they somehow magically knew enough about you to sign
> you in properly and display all the correct details ;)

No, but the reasonable practice would be not to alert the customer (and
have him possibly, say, panic and call the bank in question) - but rather,
display something along the lines of "Thank you for successfully verifying
your Frob Mutual account data. Bye."

/mz

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow
  - From: vuln
- Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow
  - From: michaelslists
- Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow
  - From: Michal Zalewski
- Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow
  - From: Marcos Agüero
- Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow
  - From: Jasper Bryant-Greene

Prev by Date: Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow
Next by Date: Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow
Previous by thread: Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow
Next by thread: Re: [Full-disclosure] [HV-PAPER] Anti-Phishing Tips You Should Not Follow
Index(es):
- Date
- Thread