Marcos Agüero wrote:
Jasper Bryant-Greene escribió:Seriously though, it wouldn't be that hard to forward the POST on to the real bank website, would it?I think so, but would be very easy to detect. Logs would show lots of diferent user logging in from the same IP Address.
Phishing scams are public in nature. They aren't trying to avoid detection :) and the IP address would of course be spoofed.
-- Jasper Bryant-Greene General Manager Album Limited http://www.album.co.nz/ 0800 4 ALBUM jasper@xxxxxxxxxxx 021 708 334 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/