I didn't realize that this was happening in our neighborhood. Looks like
phishers are getting valid certs for the domains they attack.
-J
---------- Forwarded message ----------
Date: Tue, 14 Feb 2006 00:29:59 -0500
From: Victor Duchovni <[EMAIL PROTECTED]>
To: [email protected]
Subject: X.509 Phishing license
The phishers are launching sophisticated attacks on less known (to the
X.509 CAs) financial institutions...
http://blog.washingtonpost.com/securityfix/2006/02/the_new_face_of_phishing_1.html
...
This one -- targeting the tiny Mountain America credit union in Salt
Lake City, Utah
...
Geotrust's cert verification process is largely automated: when
someone requests a cert for a particular site, the company sends an
e-mail to the address included in the Web site's registrar records,
along with a special code that the recipient needs to phone in to
complete the process.
... [Geotrust] doubted that inserting a human into that process
would have flagged the account as suspicious.
--
/"\ ASCII RIBBON NOTICE: If received in error,
\ / CAMPAIGN Victor Duchovni please destroy and notify
X AGAINST IT Security, sender. Sender does not waive
/ \ HTML MAIL Morgan Stanley confidentiality or privilege,
and use is prohibited.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
/*
PLUG: http://plug.org, #utah on irc.freenode.net
Unsubscribe: http://plug.org/mailman/options/plug
Don't fear the penguin.
*/
