[Dshield] Anti-Phishing

Valdis.Kletnieks@vt.edu Valdis.Kletnieks at vt.edu
Fri Mar 10 16:31:15 GMT 2006


On Fri, 10 Mar 2006 09:13:20 EST, "Jon R. Kibler" said:

> Would it be ethical to do so? Legal?

IANAL, so hire a good one and ask their opinion. ;)


>    3) Have the shell script submit the bogus data (netcat, etc.) to the phish
> site one bogus identity at a time.

You need to make sure that the bogus identities come from enough different IP
addresses to not be obviously a data-stuffing attack.  You'd almost need a whole
herd of slave machines scattered all over the place.. like a botnet. ;)

> A real dumb phisher may even try to use bogus data and that may be the
> trigger that gets them caught.

It's called a "honeytoken", and a fairly old concept - salting bank and hospital
records with "interesting" but bogus records (for famous politicians, movie
stars, etc) and seeing who pulls the record dates back to the '70s.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20060310/18e67fe3/attachment.bin


More information about the list mailing list