On Fri, 4 Jun 2004, william(at)elan.net wrote:
something maybe wrong. But I think that most users will still fall for the
same phishing trap if they see:
From: security(_at_)citibank-corporate(_dot_)us on behalf of
"City Bank Security Department" <security(_at_)citybank(_dot_)com>
P.S. By most users I mean the same ones that fall victim to phishing right
now...
And yes, I do realize that the system ads us at least one new domain that
can possibly be used later to track the responsible party. But previous
experience shows that usually the domain would have invalid whois info
(well actually, whois may even be valid and set to real bank's address)
and if financials are followed and registrar cooperates the end result is
that usually the domain is bought using credit card of one of the previous
victims of phishing!
--
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net