hi,
On Wed, May 30, 2012 at 3:47 PM, Ewen McNeill
It occurs to me that "${DOMAIN}-${2LD}.nz" (for any existing 2ld of .nz, and domain in that 2ld) is probably nearly as good for phishing. For yet another unintended side effect. (Several other plausible variations, eg, ${BANK}bank.nz, ${BANK}-bank.nz, would probably also fool enough users to be worth the domain cost.)
Phishing is always high on everyones list, never mind the cause (IDNs come to mind). My last company had between 10 and 20 phishing cases a day, none of them were limited to any sort of pattern you could dream up. Opening up a second level will not increase anything in this respect. Besides, phishing in NZ is so simple it is scary. Take "national-bank.co.nz" - not the bank, it has been free for many years, looks like in 2010 someone finally took it ... Cheers Lenz
Ewen
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
-- twitter: @norbu09 current project: iWantMyName.com