Nice archive of phishing emails and analysis of the methods used -Email spoofing. -URL encoding/mis-representation. -Any validation of data entered by user. -Suspicious parts to time people off. Robert X Cringley has a neat article . In it he proposes the way to kill phishers is to taint their "take." The APWG provides a good data set to create an auto "anti-angler." I'm not sure how well this would work, because I am not sure how the phishers validate the info they collect. It possible an automated attack flooding them with bogus data could quickly be filtered if I don't choose really good data. hmmmmmmmmmmmm. [gears start turning] |