Lets Kill Phishing!
Robert Cringely has an interesting idea to kill phishing:
If you get phishing e-mail, go the web sites and enter false data. Make up everything — name, sign-on name, password, credit card numbers, everything. Instead of one million messages yielding 100 good replies, now the phisher will have one million messages yielding 100,000 replies of which 100 are good, but WHICH 100?
This technique kills phishing two ways. It certainly increases the phishing labor requirement by about 10,000X. But even more importantly, if banks and e-commerce sites limit the number of failed sign-on attempts from a single IP address to, say, 10 per day, theft as an outcome of phishing becomes close to impossible.
I’m game!
By Mikhail Esteves | June 4th, 2005 in
General
Do you really expect people to waste time every time they receive a phishing email… the total time required by the criminals may increase — but is also a pain for everyone else…