[73275] in North American Network Operators' Group
Re: Phishing (Was Re: WashingtonPost computer security stories)
daemon@ATHENA.MIT.EDU (Alexei Roudnev)
Wed Aug 18 02:27:11 2004
From: "Alexei Roudnev" <alex@relcom.net>
To: "Petri Helenius" <pete@he.iki.fi>
Cc: "Niels Bakker" <niels=nanog@bakker.net>, <nanog@merit.edu>
Date: Tue, 17 Aug 2004 23:26:21 -0700
Errors-To: owner-nanog-outgoing@merit.edu
I disagree - this is a good idea, and it REALLY DO WORKS (have been tested
on hackers, with great success).
Moreover, it is not a problem to catch this fishers/phishers... issue 1,000
special credit cards, send their data to this site, and trace who and how
will use them. Or just intersect traffic and log all cards posted to this
site (and thace them).
Nothing too complicated for any law enforcment agency...
Just watching and saying _ohhm, one more phishing_ is the worst idea - to
fight anything, you must always be active. Active side always win (it is
only a matter of time, how long it takes to win), so if you just looking and
using passive defense, you will be biten (early or later). Hackers and
Phishers do not make any difference vs other fightings.
> Alexei Roudnev wrote:
>
> >Why don't write out a generator of credit cards / pins and flood out this
> >site by false information?
> >
> >(I saw a few better examples, btw).
> >
> >
> >
> >
> Because fighting abuse with abuse is never a good idea?
>
> Pete
>
>
