[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Request for comments: anti-phishing storefrontapproach

To: <full-disclosure@xxxxxxxxxxxxxxxxx>
Subject: Re: [Full-disclosure] Request for comments: anti-phishing storefrontapproach
From: "Mike N" <niceman@xxxxxxx>
Date: Sat, 4 Jun 2005 16:34:54 -0400

I can see many users falling for the scenario below - it *sounds* realistic since they don't understand the underlying mechanism.

----- Original Message ----- From: "Dan Margolis" <dmargoli+lists@xxxxxxx>

Or, better yet, a box that says "If the above image does not read
'AUTHENTIC,' do not sign in." Users would assume that some sort of
verification were going on. Never mind the mechanism.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Request for comments: anti-phishing storefront approach
  - From: Doug Ross
- Re: [Full-disclosure] Request for comments: anti-phishing storefront approach
  - From: Dan Margolis

Prev by Date: Re: [Full-disclosure] Request for comments: anti-phishing storefrontapproach
Next by Date: [Full-disclosure] LSS.hr false positives.
Previous by thread: Re: [Full-disclosure] Request for comments: anti-phishing storefrontapproach
Next by thread: [Full-disclosure] (Fwd) traffic laundering using MSN
Index(es):
- Date
- Thread