Re: [nznog] New phish - Westpac
Wait until the phishers catchup with the normal spammers and make the
IP
of their websites move every 10 minutes. Personally I'm surprised it hasn't happened already, certainly it will happen if people get efficient at blocking single IPs.
That's why it's better done at the ISP level.
If they have web caches which transparently proxy everything. (dunno how many isp's still do this). But the URL itself can be blocked rather than the IP.
Carriers shouldn't block IP's IMHO.
Can't ISP's just intercept http traffic destined for phishers' sites (based on url matching, not ip) and display a nice html message to the user how their bank account would have been cleaned out if it hadn't been for their nice friendly isp? :) Certainly blatantly blocking ip's at carrier level is rather nasty. what happens if that IP is a large virtual host server? Replacing content (as above) at least allows you to make it obvious to all users whats happening. -Joel
Simon Allard ihug Limited
P +64 9 962 9827 M +64 21 456 412 E simon.allard(a)staff.ihug.co.nz
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
Westpac have Posted... Security Alert ! 15 September 2005 A spam email purporting to be from Westpac and targeting the bank's customers has been widely circulated, and has been received by a number of people in New Zealand. If you receive these emails please ignore them, however if you have acted on the emails and disclosed your details then please immediately change your password and contact us on 0800 400 600.
participants (2)
-
Joel Van Velden -
Russell Sharpe