Phishing & BotNets
Back to list
Mar 10 2006 02:14PM
Jon R. Kibler (Jon Kibler aset com)
What if we were able to make life more miserable for phishers? Would it slow them down or discourage them?
Would it be ethical to do so? Legal?
A thought along those lines: There are dozens of programs available that will generate 'legitimate' fake credit card numbers, bank account numbers, etc. There are all sorts of ways to generate lists of names. Use these types of programs to create millions of bogus identities. Then flood the phishing site with so much bogus information that it would become a real chore to sort out the legitimate phish caught from the decoys. To accomplish this would be simple:
1) Visit the phish site and determine the information they are collecting.
2) Write a simple shell script to generate the required bogus data in HTTP POST (or whatever method used) format.
3) Have the shell script submit the bogus data (netcat, etc.) to the phish site one bogus identity at a time.
A real dumb phisher may even try to use bogus data and that may be the trigger that gets them caught.
Just a thought...
Jon R. Kibler
Chief Technical Officer
Charleston, SC USA
Filtered by: TRUSTEM.COM's Email Filtering Service
No Spam. No Viruses. Just Good Clean Email.
[ reply ]
Copyright 2010, SecurityFocus