Phishing & BotNets
Re: valid problem Nov 10 2005 05:06AM
Lance James (lancej securescience net)
I'm not debating info sharing but tracking phishers on a public forum is not wise.
-----Original Message-----
From: "Stejerean, Cosmin" <cosmin (at) cti.depaul (dot) edu [email concealed]>
Date: Wed, 9 Nov 2005 22:53:17
To:"Lance James" <lancej (at) securescience (dot) net [email concealed]>, "Saeed Abu Nimeh" <drellman (at) hotmail (dot) com [email concealed]>
Cc:<phishing (at) securityfocus (dot) com [email concealed]>
Subject: RE: valid problem

I think the problem with phishing is not any different that with other forms
of hacking. What about watching the honeypot mailing list? Wouldn't that
benefit a hacker? The same could go for almost any list. The purpose of the
list is to share information, and that information can be used for good or
for evil, however that is no excuse to not share information.

Cosmin

-----Original Message-----
From: Lance James [mailto:lancej (at) securescience (dot) net [email concealed]]
Sent: Wednesday, November 09, 2005 5:00 PM
To: Saeed Abu Nimeh
Cc: phishing (at) securityfocus (dot) com [email concealed]
Subject: Re: valid problem

Saeed Abu Nimeh wrote:

> The argument would be similar to all other security public available
> lists. As well they are available to hackers, however, they are
> beneficiary.
> Saeed Abu-Nimeh

Umm, that argument works for security - but when phishers are monitoring
activity for ROI, it's a different issue.

They will see "who's tracking them, who's checking them out, and will
perfect their technique". In security, it's a display of exploits that
may cause trouble, - I think this can not be compared.

>
> Lance James wrote:
>
>> I think there is a valid problem with a "phishing (at) securityfocus (dot) com [email concealed]"
>> list.
>>
>> It's publicly available to everyone - including phishers. Why the hell
>> would anyone post on it?
>>
>
>

--
Best Regards,
Lance James
Secure Science Corporation
www.securescience.net
Author of 'Phishing Exposed'
http://www.securescience.net/amazon/
Find out how malware is affecting your company: Get a DIA account today!
https://slam.securescience.com/signup.cgi - it's free!

Lance James
Secure Science Corporation
www.securescience.net
Author of 'Phishing Exposed'
www.securescience.net/amazon/
Have Phishers Stolen your customer's logins? Find out with DIA
https://slam.securescience.com/signup.cgi - it's free!

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus