[Fwd: Secure Server e-Cert & Developer e-Cert. Comerica TM Connect Web Bank]

Peter Gutmann pgut001 at cs.auckland.ac.nz
Thu Apr 24 07:00:30 EDT 2008

Arshad Noor <arshad.noor at strongauth.com> writes:

>This may be the first phishing e-mail I've seen that uses
>a message related to digital certificates for attacking the
>client; I am not a customer of Comerica.
>Has anyone else seen this before?

These have been around for awhile, I'm not on my home machine at the moment or
I'd post a link to a blog analysis of this sort of thing.  Although it's 
impossible to tell due to the lack of figures from either side (PKI phishing 
vs. client cert use) it may well be that there's more use of PKI to attack 
bank clients than to defend them.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list