Just got a phish for BankDirect. The telling part: "<a href="http://www.bankdlrect.co.nz/index_secure.asp" >" - notice the 'l' where the I should be. Hopefully as this is inside .nz DNS we can get

Craig Box said: this one shut down quickly. Well, the phish website is still up and running, and it is *very* well done. I didn't get any certificate warning when going to the https site, and it looks exactly like the real one. They even promote the NetCODE security system, and all of the links on the page point to the real site. -- Kerry Thompson IT Security Consultant http://www.crypt.gen.nz