Half a croissant, on a plate, with a sign in front of it saying '50c'
h a l f b a k e r y
Is it soup yet?

idea: add, search, annotate, link, view, overview, recent, by name, random

meta: news, help, about, links, report a problem

account: browse anonymously, or get an account and write.

user:
pass:
register,


                 

anti-Phishing scam

flood phishers with invalid data
  (+19, -1)(+19, -1)
(+19, -1)
  [vote for,
against]

Why does Phishing Exist? To get personal information and financial advantage over neophytes. Why does it work? Because neophytes will fall for anything that comes to them personally via email. How can it be stopped? Make data generated via phishing scams unusable by flooding scammer with invalid data. Example: I get an email from the "Concerened Really Smart Computer Department" at Bank of America. Even though I am not a custome "valued" or otherwise. I know that no business will ever ask me to "confirm" my account number and password via email so I immediately trash it. Less savvy users might fall for this once or twice, then they will join the deleters of the world. So, the problem as I see it is that people smart enough to fix it are not bothered by the problem to solve it. The solution seems fairly straight forward and could probably be set up completely automated on some server somewhere. You would forward any phishing email to a special address and a program would generate 1000's of responses from different IP's and with a random timedelay sufficiently hiding any real responses in the noise. Anyone evaluating the responses would quickly tire of "Invalid User Information" and anyone buying this type of info would never pay again for untested data.
cblunds, Aug 21 2006

Same principle for spam. Distributed_20spam_20responder
[jutta, Aug 21 2006]

[link]






       I sometimes do a manual version of this already.   

       I usually include expletive-instructions in the "password" field.   

       [+]
monojohnny, Aug 23 2006
  

       [+]I'll have to try and find it, but I seem to remember an anti-spam website which had a gigabyte list of fake e-mail addresses (e.g. Zaphod.Beeb@xz346hgd.co.uk) listed, with load of things that the bot's would find tasty and interesting to find :)   

       (Ok, maybe not a gig)
Dub, Aug 24 2006
  

       Send them a Vampire ;) They'll certainly not thank you for it after about an hour or so.If I told you what this is I'd have to bite you.   

       (you probably know what it is anyway)
skinflaps, Aug 24 2006
  

       //You will have to specifically program something to call the specific page, fill in the specific fields with bogus data that looks passable, and execute the http request. After you did that, you could automate it, but not until.// - You could call it 'phlishing'.
wagster, Aug 24 2006
  

       one problem might be that this system would be open to abuse. Say you got sacked from your job - you could just forward your old company email address to this service, and take it down. Think some kid just got put in jail for doing something similar using Avalanche.
bumhat, Aug 24 2006
  

       Are these phishing scans all automated? I imagine they must be. One could use that to prevent abuse - send a warning email asking the recipient to respond within 10 days...   

       hmm that would be open to abuse too.
bungston, Aug 24 2006
  

       To not have [phlish] anno your idea, send $5 to Paypal account number .......
Oh, wait anti-PHLISHing. oops.
Zimmy, Aug 24 2006
  
      
[annotate]
  


 

back: main index

business  computer  culture  fashion  food  halfbakery  home  other  product  public  science  sport  vehicle