Re: [Fwd: [isdf] need help from the ietf list...can someone post this for me? or allow me to post directly?]

2003-12-21 Thread Masataka Ohta
Parry Aftab; What do you suggest short of an absolute guarantee? Common senses. How do I advise consumers to tell the difference between legitimate e-mails with embedded links and the phished ones using spoofed sites? What if, you go to a branch office of a bank and, in a lobby of the bank, hand

Re: [Fwd: [isdf] need help from the ietf list...can someone post this for me? or allow me to post directly?]

2003-12-21 Thread Dean Anderson
Most scams involve things that the institutions themselves would never do, such as calling you on the telephone or sending as email to have you update your confidential finanical information. The email scams are fundamntally no different from telephone scams or door-to-door confidence scams, where

Re:need help from the ietf list...PKI

2003-12-21 Thread Doug Royer
I agree. With my mortgage customers (MISMO.org related) I have argued that private certs signed by their business partner is better than a cert issued by a well known cert company. Anyone can buy a cert from the well known company. A cert signed by your business partner can not be bought from any

RE: [Fwd: [isdf] need help from the ietf list...can someone post this for me? or allow me to post directly?]

2003-12-21 Thread Dean Anderson
People need to rely on their common sense. This isn't a technical problem. It is a social engineering problem. Your best bet is to read Kevin Mitnick's book "The Art of Deception". Of course, there will be instances were banks will send their customers emails. But you should treat those emails wi

Re: [Fwd: [isdf] need help from the ietf list...can someone post this for me? or allow me to post directly?]

2003-12-21 Thread Valdis . Kletnieks
On Sun, 21 Dec 2003 18:40:57 EST, Parry Aftab said: > It's a spoof, phished e-mail. No such credit card. I just confirmed with > the powers that be in PayPal/eBay. The scams are good enough to confuse > even ietf members. See the problem? How can someone tell this was a > phishing expedition? Damn

RE: [Fwd: [isdf] need help from the ietf list...can someone post this for me? or allow me to post directly?]

2003-12-21 Thread shogunx
On Sun, 21 Dec 2003, Dean Anderson wrote: > People need to rely on their common sense. This isn't a technical > problem. It is a social engineering problem. Your best bet is to read > Kevin Mitnick's book "The Art of Deception". Of course, there will be > instances were banks will send their cust

Re: need help from the ietf list...PKI

2003-12-21 Thread Masataka Ohta
Doug Royer; I agree. With my mortgage customers (MISMO.org related) I have argued that private certs signed by their business partner is better than a cert issued by a well known cert company. Anyone can buy a cert from the well known company. As long as the cert company is a bank, you deposite mo

Re: [Fwd: [isdf] need help from the ietf list...can someone post this for me? or allow me to post directly?]

2003-12-21 Thread Mark Smith
On Mon, 22 Dec 2003 04:33:43 -0500 (EST) shogunx <[EMAIL PROTECTED]> wrote: > On Sun, 21 Dec 2003, Dean Anderson wrote: > > > People need to rely on their common sense. This isn't a technical > > problem. It is a social engineering problem. Your best bet is to read > > Kevin Mitnick's book "The