h a l f b a k e r yLike a magnifying lens, only with rocks.
add, search, annotate, link, view, overview, recent, by name, random
news, help, about, links, report a problem
browse anonymously,
or get an account
and write.
register,
|
|
|
Why does Phishing Exist? To get personal information and financial advantage over neophytes. Why does it work? Because neophytes will fall for anything that comes to them personally via email. How can it be stopped? Make data generated via phishing scams unusable by flooding scammer with invalid
data. Example: I get an email from the "Concerened Really Smart Computer Department" at Bank of America. Even though I am not a custome "valued" or otherwise. I know that no business will ever ask me to "confirm" my account number and password via email so I immediately trash it. Less savvy users might fall for this once or twice, then they will join the deleters of the world. So, the problem as I see it is that people smart enough to fix it are not bothered by the problem to solve it. The solution seems fairly straight forward and could probably be set up completely automated on some server somewhere. You would forward any phishing email to a special address and a program would generate 1000's of responses from different IP's and with a random timedelay sufficiently hiding any real responses in the noise. Anyone evaluating the responses would quickly tire of "Invalid User Information" and anyone buying this type of info would never pay again for untested data.
Same principle for spam.
Distributed_20spam_20responder [jutta, Aug 21 2006]
[link]
|
|
I sometimes do a manual version of this already. |
|
|
I usually include expletive-instructions in the "password" field. |
|
|
[+]I'll have to try and find it, but I seem to remember an anti-spam website which had a gigabyte list of fake e-mail addresses (e.g. Zaphod.Beeb@xz346hgd.co.uk) listed, with load of things that the bot's would find tasty and interesting to find :) |
|
|
Send them a Vampire ;) They'll certainly not thank you for it after about an hour or so.If I told you what this is I'd have to bite you. |
|
|
(you probably know what it is anyway) |
|
|
//You will have to specifically program something to call the specific page, fill in the specific fields with bogus data that looks passable, and execute the http request. After you did that, you could automate it, but not until.// - You could call it 'phlishing'. |
|
|
one problem might be that this system would be open to abuse. Say you got sacked from your job - you could just forward your old company email address to this service, and take it down. Think some kid just got put in jail for doing something similar using Avalanche. |
|
|
Are these phishing scans all automated? I imagine they must be. One could use that to prevent abuse - send a warning email asking the recipient to respond within 10 days... |
|
|
hmm that would be open to abuse too. |
|
|
To not have [phlish] anno your idea, send $5 to Paypal account number .......
Oh, wait anti-PHLISHing. oops. |
|
| |