[cap-talk] Phishing with signed certs
Sandro Magi
smagi at naasking.homeip.net
Mon Feb 13 21:57:55 EST 2006
Good write up on the "Mountain America" credit union phish.
http://isc.sans.org/diary.php?storyid=1118
It's a very good, fully illustrated depiction of the current
infrastructure's complete failure to inform or protect the user,
contrary to its claims.
The approval process detailed at the bottom of the following article is
telling.
http://blog.washingtonpost.com/securityfix/2006/02/the_new_face_of_phishing_1.html
Sandro
More information about the cap-talk
mailing list