There appear to be these forms of phishing.
1. good copies of sites and plausible stories. 2. plausible stories, but totally distinct sites. 3. offers too good to refuse.
The below seems to be a class 2 phish, to use the scratched out taxonomy above.
Relying on logic from last year, I'd say, this will catch some phish, if it has been repeated. Success breeds repitition. (Lynn would say ROI.)
Ideas that have been presented (elsewhere) deal with phish class 1 pretty well. class 2 attacks are dealt with to some extent, as the user has to recognise the attack. Class 3, it would see, is oriented to the user who will never say no to this offer.
I thought last week's Bin Laden hanging was a particularly inspired class 3 attack. It is no surprise to me it succeeded. So it may well be that phishing defences within the browser can only help a user that wants to help themselves. That however is no real reason to not put in those techniques that will help a user.
iang
PS: these classes have no academic merit, I made them up as I was typing.
Amir Herzberg wrote:
Xeon wrote:
Recently thier is a security Hole detected in PayPal Registration server, Secure your hardly earned Money check out: www.onlinehacks.netfirms.com
Thanks care lover
This is a sting. It claims to `hack paypal`, hoping some will try... in the process, the victim (you!) should e-mail your paypal account and password to an unknown account - probably of the hacker...
I wonder if they'll get any `fish`...
Most phishing attacks try to impersonate as a trustworthy site... But these guys apply the more classical sting operation, and like they say `You’re responsible for your action!`
_______________________________________________ Mozilla-security mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-security
