[Dshield] Anti-Phishing

Jon R. Kibler Jon.Kibler at aset.com
Fri Mar 10 14:13:20 GMT 2006

Greetings All,

What if we were able to make life more miserable for phishers? Would it slow them down or discourage them? 

Would it be ethical to do so? Legal?

A thought along those lines: There are dozens of programs available that will generate 'legitimate' fake credit card numbers, bank account numbers, etc. There are all sorts of ways to generate lists of names. Use these types of programs to create millions of bogus identities. Then flood the phishing site with so much bogus information that it would become a real chore to sort out the legitimate phish caught from the decoys. To accomplish this would be simple:
   1) Visit the phish site and determine the information they are collecting.
   2) Write a simple shell script to generate the required bogus data in HTTP POST (or whatever method used) format.
   3) Have the shell script submit the bogus data (netcat, etc.) to the phish site one bogus identity at a time.

A real dumb phisher may even try to use bogus data and that may be the trigger that gets them caught.

Just a thought...

Jon Kibler
Jon R. Kibler
Chief Technical Officer
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214

Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.

More information about the list mailing list