Security threats Toolkit
Story: Banks under fire as phishing attacks accelerate
How would they know
I agree that they can indeed upload the images to the same host as the base page and that this would defeat the measures. It would also make the phishing code load on the host server that much bigger and potentially more noticeable. However, if the banks were to instrument the images on their home pages such that if they are requested by a requester that isn't on their own site, it sends an alarm to the Phishing team. The only people that would know that an alarm had been tripped would be the security folks at the bank. The phishers wouldn't know if they had been sussed by a customer who raised the alarm, or by the bank themselves.
Andrew Meredith
IT Consultant, Chippenham, Wiltshire
Member since: January 2004
Site Activity Rating:
This member is ranked #50 in our top 100
Full Talkback thread
Story: Banks under fire as phishing attacks accelerate
-
Image Leeching only temp fix David Long -
The log files already have the solution Andrew Meredith
-
Irish banks already in phishing firing line for 3... 1000333946
-
How would they know Andrew Meredith -
Phisers use the web David Long
-
Phisers use the web David Long
-
Authorities need to get tough... chrishocking
