Total Pageviews

11 May 2006

Phishing - a counter tactic

Phishing is a big problem. Can I suggest that the banks set up dummy phishing bank accounts with no money in them and issue logins to the bank accounts to all their customers. Maybe this could just be done via one central bank account and simply present a logical account number via the online banking.

Then when customers receive a phishing mail, they go to the phishing site and type in the dummy details.

The crooks then capture the dummy details and to all intents and purposes they can't tell the different between this account and a real one because the crooks would then be using the real banking site. The site could even be modified to show an account balance.

Then they try and move the money from that bank account to their own bank account and by typing in the details of where they are trying to send the money to, we might stand a better chance of being able to catch them.

At the very least the very large number of false bank details would tie up the crooks' time and make successful phishing that much harder.

Just a thought, anyone got any better ideas?
Post a Comment

Popular Posts