This could be a really cool thing, if it’s done correctly:
A volunteer group, dubbed the Phishing Incident Reporting and
Termination squad (PIRT), will take in reports from consumers of
suspected phishing Web sites and work to take the sites offline. On Friday, before its official launch, the group received 100 phishing reports, and 30 of those were shut down in a few hours.
Most of us can quickly and easily spot a phishing scandal (if it even gets past
our filters) but it’s people like our parents who need to be protected.
If we can work together to nail these phishing fuckers at the server
level, it’s time well spent.
You hit the nail on the head. So far I’ve been lucky to catch the dozens that fall in my inbox each week, but I’ve had to help my mother out twice when she got “phished” by dubious sites. It’ll be interesting to see how this endeavor grows.
It is truly amazing how gullible some people really are and it is scary. They get something in the mail.. click here to enlarge your er.. feet.. 😛 just enter your bank account and routing numbers and we will send you this free sample!
We do need more awareness on this.. so those not so PC savvy won’t lose their life savings.
Every phishing attempt I’ve seen was received at an address that I don’t use for the alleged site or for a site I don’t use. I don’t use my regular public email address for eBay, Amazon or banking – I use unique addresses like [email protected] (which is pretty easy to do if you own a domain) – I’ve never seen a single phishing email at those addresses.
…still got my fingers tightly crossed…
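The per-site address habit described in the comment above can be turned into a mail check. This is an added example, not part of the original post or its comments; the `example.net` aliases, the service table and the sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Assumed alias table: the single address given to each service.
ALIASES = {
    "ebay.com": "ebay@example.net",
    "amazon.com": "amazon@example.net",
    "bank.example": "bank@example.net",
}

def claimed_service(msg):
    """Return the service domain the From header claims, or None."""
    domain = parseaddr(msg.get("From", ""))[1].lower().rpartition("@")[2]
    for service in ALIASES:
        if domain == service or domain.endswith("." + service):
            return service
    return None

def recipients(msg):
    """All addresses the message was addressed or delivered to."""
    headers = []
    for name in ("To", "Cc", "Delivered-To"):
        headers.extend(msg.get_all(name, []))
    return {addr.lower() for _, addr in getaddresses(headers) if addr}

def classify(raw):
    """Compare the claimed sender with the alias the mail arrived at."""
    msg = message_from_string(raw)
    service, rcpts = claimed_service(msg), recipients(msg)
    if service:
        # A match is only consistent with the real sender, not proof of it.
        return "alias-match" if ALIASES[service] in rcpts else "suspect"
    # Mail from an unrelated sender at a per-site alias means the alias leaked.
    leaked = [s for s, a in ALIASES.items() if a in rcpts]
    return "alias-leaked:" + leaked[0] if leaked else "unrelated"

# Constructed sample messages.
GOOD = "From: eBay <member@reply.ebay.com>\nTo: ebay@example.net\nSubject: Invoice\n\nbody\n"
PHISH = "From: eBay <security@ebay.com>\nTo: me@example.net\nSubject: Suspended\n\nbody\n"
LEAK = "From: deals@shop.invalid\nTo: amazon@example.net\nSubject: Offer\n\nbody\n"

if __name__ == "__main__":
    for name, raw in (("GOOD", GOOD), ("PHISH", PHISH), ("LEAK", LEAK)):
        print(name, classify(raw))
```

The check only compares the From header's domain, so a lookalike domain that is not in the table falls through to the `alias-leaked` or `unrelated` result rather than `suspect`.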
When I think of phishing I think of when I used to work for Neiman Marcus, at times clients (typically older ones) would mail in orders and not include their credit card number, I would call them to remind them to call it in and they would, without verifying who I was, just give it to me over the phone. It is true that we do have to protect them. They come from a time when their kids’ curfew was when the street lights came on, and gay meant you were just a happy person.
The PIRT Blunder?
PIRT (Phishing Incident Reporting and Termination) is making headlines around the web, but take their plans with a grain’s worth of salt for now. For those of you that haven’t heard or can’t be troubled to follow the links, PIRT …
The PIRT effort is laudable, but incomplete. Many phishing sites are hosted on foreign servers where the hosting provider either doesn’t care or is in cahoots with the phishers. A better solution is the Netcraft toolbar, which runs in IE and Firefox (as an extension) and blocks access to sites that are confirmed to be phishy. It also shows where the site is hosted, so you can tell if it looks like Paypal and is hosted in China.
Every phishing attempt I’ve seen was received at an address that I don’t use for the alleged site or for a site I don’t use
This is nice for those of us who own domains (I do the same thing), but let’s face it. Your average phishing victim is someone’s clueless dad who has a single email address, and as far as they’re concerned this is a real email from their bank. I’m trying to convert all my clueless friends/family members over to Gmail, which automatically detects (at least, any time I’ve gotten one) phishing emails and disables all links in them, also putting a big error message saying that it is likely a phishing scam.
Oh, and I totally forgot what I was originally going to comment on, and that is this: I think they would have a cooler acronym if it was “phirt”… Only because I think it sounds like a squeaky fart 🙂