US Banks: Training the next generation of phishing victims

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Oct 13 02:32:07 EDT 2005


Sidney Markowitz <sidney at sidney.com> writes:

>It looks like they are all getting their web sites from the same Hack-In-A-
>Box.

My original comment on that was "Looks like they got their security
certification from the same cornflakes packet" :-).  An anonymous contributor
sent in the following comment:

-- Snip --

A possible reason that you are seeing similar, in some cases almost the same,
language at those different companies web sites is that they may very well
have outsourced their website design and/or management to the same company.
Which also explains the similar approach to security.

Back in the late 1990s when I was consulting, I saw brokerage firms doing the
same thing.  There were companies specializing in providing "online trading"
who basically put together a web site with the brokerage firm's logo on the
front, but the web sites were owned, managed and located at the "online
trading" company.

One such company that I know of was using Bourne-shell (horrors) for their cgi
scripts.

-- Snip --

>https://www.bayfed.org gives me a warning about a certificate that expired
>over a year ago, then when I accept it redirects me to the unsecured
>http://www.bayfed.com.

In addition, trying https://www.bayfed.com gives you the cert for
www.bayfed.org.  For any phishers reading this, looks like
www.americanexpress.org and www.bankofamerica.org (and their corresponding
certs) are still available...

Peter.

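The expired, mismatched certificate described above is exactly what a client-side validity and hostname check is meant to catch before a browser or script goes on to trust the site. The following is an added example, not code from the post or from any of the sites named; `SAMPLE_CERT` is a constructed certificate dict in the shape Python's `ssl.SSLSocket.getpeercert()` returns, with names and dates made up to mirror the symptoms described.

```python
import ssl
import time

# Shape of the dict returned by ssl.SSLSocket.getpeercert(); its 'notBefore' /
# 'notAfter' strings are in the format that ssl.cert_time_to_seconds() parses.
# CONSTRUCTED sample, modelled on the symptoms in the post: a certificate
# issued for www.bayfed.org, long expired, being served for www.bayfed.com.
SAMPLE_CERT = {
    "subject": ((("commonName", "www.bayfed.org"),),),
    "subjectAltName": (("DNS", "www.bayfed.org"), ("DNS", "bayfed.org")),
    "notBefore": "Jul 13 00:00:00 2003 GMT",
    "notAfter": "Aug 13 00:00:00 2004 GMT",
}

def dns_name_matches(pattern, hostname):
    """RFC 6125-style comparison: case-insensitive; a wildcard is allowed only
    as the entire leftmost label, never matches across a dot and never
    matches a bare second-level domain (so '*.com' is rejected)."""
    pattern, hostname = pattern.lower().rstrip("."), hostname.lower().rstrip(".")
    if not pattern.startswith("*."):
        return pattern == hostname
    p_labels, h_labels = pattern.split("."), hostname.split(".")
    if len(p_labels) < 3 or len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:] and h_labels[0] != ""

def check_peer_cert(hostname, cert, now=None):
    """Return a list of findings; an empty list means the certificate is
    acceptable for `hostname`. `now` is a cert-time string such as
    'Oct 13 02:32:07 2005 GMT', or None for the current time. Only the
    validity period and the name are checked here; chain and signature
    verification remain the TLS library's job."""
    now_s = ssl.cert_time_to_seconds(now) if now else time.time()
    not_before_s = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after_s = ssl.cert_time_to_seconds(cert["notAfter"])
    findings = []
    if now_s > not_after_s:
        days = int((now_s - not_after_s) // 86400)
        findings.append(f"expired {days} days ago (notAfter {cert['notAfter']})")
    elif now_s < not_before_s:
        findings.append(f"not yet valid (notBefore {cert['notBefore']})")
    # Prefer subjectAltName DNS entries; fall back to the CN only when absent.
    names = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if not names:
        names = [v for rdn in cert.get("subject", ())
                 for k, v in rdn if k == "commonName"]
    if not any(dns_name_matches(n, hostname) for n in names):
        findings.append(f"hostname {hostname!r} not among certificate names {names}")
    return findings
```

Run against the constructed certificate at the post's date, `check_peer_cert("www.bayfed.com", SAMPLE_CERT, "Oct 13 02:32:07 2005 GMT")` reports both the expiry and the .com/.org name mismatch, which is what a browser's warning dialog is summarising.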

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
