RSA Security's Cyota division is helping fight phishing attacks by giving the online fraudsters what they want: a lot of usernames, passwords, online-banking credentials and credit card numbers.
Very cool idea. This has been used against e-mail harvesting groups for some time, but I would guess this will be much more effective. On the lower right of my blog, you will see a “Spam Poison” icon. This website has been using “dilution” anti-spam technique for quite some time.
Polluting e-mail harvest list is good but this technique can easily be offset by other harvesting techniques. DHA, etc.
I commonly fill in phishing sites with fake information just to learn about how it is using the data and to examine the complexity of the site. I have since seen phishing sites that would verify the Paypal username and password before giving you access. Crazy stuff.
Now if someone would just create a open source tool that will create fake ID and can be customized to force feed information to phishing sites.
Here is the full News.com story on this subject.
No comments:
Post a Comment