OT but related I just got a bunch of phishing attacks against a bank come through. Following the link leads me to some owned website with the fake bank frontend - and it had a feature that I've seen time and time again: images and links from the real banksite
Why don't banks rub two braincells together and start monitoring the referrers on their primary webpages (eg logos, terms and conditions) and return a "RUN AWAY!!! IT'S A TRAP!!!" page whenever someone views the phishing sites? The Referrer header would allow that instantly They really don't give a damn do they... -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +1 408 481 8171 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
