Why phishing works? (Was: Re: [LINK] Harvard arts-science
requires open-access publishing)
link at todd.inoz.com
Sun Feb 17 08:11:18 EST 2008
At 16:57 16/02/2008, rchirgwin at ozemail.com.au wrote:
>So anything purporting to be from "St George Bank" is bogus, because
>I never signed on for e-mail from St George Bank. I don't need to
>stop and think, or look for clues. And I don't seem to have lost any
>convenience by staying out of the e-mail loop with my bank.
Boy have they been coming in! I have about 40 in my spam quarantine
and who knows how many have been bounced.
Now no bank is oging to send 20 or 30 messages a DAY to a user so
unless they are collecting their email by the minute (and even then,
the chances of getting two or more of these Sta George ones in a 5
min period is quite high) people would have to be stupid.
More stupidly, I don't have a St George account, so that's the
easiest "no brainier" that exists.
I am tempted to set up a phishing responder that replies endlessly to
phishing spam with bogus email and password details.
It might even save someone from having their bank account drained,
but then - what do I get out of this community service? So why bother huh.
The brings be back to "Your name, your date of birth and your
address" as a means of security.
My goodness! How many people have that data on their databases? How
many people know these details anyway - parents, partners, ex partners ....
It's about time people woke up to the fact that once you give the
unique information to one person, that's it for being useful as a
means of security or privacy.
More information about the Link