Network Security: Detailed info on RE: Smells like a phish, is a fish?

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Web-App-Sec

[Top] [All Lists]

RE: Smells like a phish, is a fish?

from [Damhuis Anton] Network Security

[Permanent Link]

Subject:	RE: Smells like a phish, is a fish?
Date:	Thu, 27 Oct 2005 10:34:45 +0200


Hi

But email is sent over an unencrypted link, thus any body could get hold of the 
link, and by entering it, get access to the web site's details (the account).

Something should always be kept secret, when sending logon information via 
email.

So I don't think it is mitigating phishing, but possibly rather a way to track 
their responses to the email.

Or am I understanding your statement incorrectly?

Regards
  Anton

-----Original Message-----
From: Ofer Shezaf [mailto:Ofer.Shezaf@breach.com]
Sent: 27 October 2005 10:15
To: Andrew van der Stock; webappsec@securityfocus.com
Subject: RE: Smells like a phish, is a fish?

...
provide you with a key in the e-mail, rather than asking for a login
might actually be a way to mitigate phishing.

Confidentiality Warning
=======================
The contents of this e-mail and any accompanying documentation
are confidential and any use thereof, in what ever form, by anyone
other than the addressee is strictly prohibited.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Smells like a phish, is a fish?, Andrew van der Stock Re: Smells like a phish, is a fish?, Mat Farrington Re: Smells like a phish, is a fish?, Cory Foy Re: Smells like a phish, is a fish?, Mike Kuriger Re: Smells like a phish, is a fish?, Todd Hendricks RE: Smells like a phish, is a fish?, Ofer Shezaf RE: Smells like a phish, is a fish?, Damhuis Anton <= RE: Smells like a phish, is a fish?, M. Burnett RE: Smells like a phish, is a fish?, Christopher Reed RE: Smells like a phish, is a fish?, Tom Stowell RE: Smells like a phish, is a fish?, Damhuis Anton RE: Smells like a phish, is a fish?, Tom Stowell RE: Smells like a phish, is a fish?, Lyal Collins Re: Smells like a phish, is a fish?, Devdas Bhagat RE: Smells like a phish, is a fish?, Lyal Collins

Previous by Date:	Re: Smells like a phish, is a fish?, Cory Foy
Next by Date:	Re: [Full-disclosure] Re: phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit., Nicob
Previous by Thread:	RE: Smells like a phish, is a fish?, Ofer Shezaf
Next by Thread:	RE: Smells like a phish, is a fish?, M. Burnett
Indexes:	[Date] [Thread] [Top] [All Lists]