Jason Haar wrote: > OT but related > > I just got a bunch of phishing attacks against a bank come through. > Following the link leads me to some owned website with the fake bank > frontend - and it had a feature that I've seen time and time again: > images and links from the real banksite > > Why don't banks rub two braincells together and start monitoring the > referrers on their primary webpages (eg logos, terms and conditions) and > return a "RUN AWAY!!! IT'S A TRAP!!!" page whenever someone views the > phishing sites? The Referrer header would allow that instantly > > They really don't give a damn do they... >
well, this is completely nonsense, not only your opinion but also your technical suggestion in first place phishing is not targeting the bank nor it is the victim phishing deals with the stupidity of the "clickers" no serious bank, as any other serious company, would ever send out emails asking for user details the user who believes that, is or incredible ingenious or incredible stupid, so: happy clicking it is honorable that developers and technicians care and try to find counter measurements, but it is not their responsibility, either the bank's who clicks on a phishing attempt, I'd say, well done, hopefully he types in name and passwd, so that would be then a real learning lesson, one more saved :) what you're asking for is making the police pay for a stolen car ... if you target a culprit you should go after all this irresponsible webhosting companies which do not review the content and web admins who do not have a clew about what they are doing Hans -- XTrade Assessory International Facilitator BR - US - CA - DE - GB - RU - UK +55 (11) 4249.2222 http://xtrade.matik.com.br