[At-Large] Definition of registration abuse
Derek Smythe
derek at aa419.org
Wed Apr 29 06:36:30 EDT 2009
Karl Auerbach wrote:
> John R. Levine wrote:
>>> As long as it takes. Otherwise we will have a system in which a mere
>>> accusation is sufficient.
>>
>> Do you really think it is a good idea to require a court case and a
>> trial to take down a phish site pretending to be Paypal or the Bank of
>> America?
>
> How does one know that a particular web site is "a phish site pretending
> to be Paypal or the Bank of America"? Perhaps it is operating under a
> license? Perhaps it is a permissible parody.
So by you argument this just might be the real Bank of International
Settlements and Securities that is under construction:
http://www.biss-group.net
Or maybe not, just without secure protocols:
http://www.biss-group.net/biss/
Maybe they really are registered in Nigeria. Maybe the EFFC will
really do something about this (despite thousand of similar sites they
did nothing about).
And maybe real banks do use shared hosting along with 560 other
websites and the regulators allow it.
Also, just maybe the are also a security company
(http://www.biss-group.net/biss/home/sc.html) with other website
predating it and registered before them have suddenly overnight
decided it may be a great idea to plagiarize their content.
Maybe they have some weird SSL protocol they are using that nobody has
ever heard about before:
http://www.biss-group.net/biss/home/onlinebanking/securesite001BISS/onlinebanking.php
Incidentally they just might be linked to Morgan Stanley whose image
http://www.biss-group.net/biss/home/images/morgan-stanley_loan_big.gif
is being used.
Maybe it may just be coincidence that this "banks" name is extremely
close to the real Bank for International Settlements. However, since
the "banks" name is not identical, they are impersonating nobody. So
all is good. Or is it?
I know otherwise, no surmises, no guesswork.
Obviously you would not use it, why subject more gullible innocent
parties to it? There are parties here that see these on a daily basis.
However if
It does not take a brain surgeon to recognize a scam, just some
experience in the understanding of the scam.
May I challenge you and give you five domains to process by your
methods? You decide if they are legitimate, how to process them etc?
Talk is cheap, but the victims to these are real.
Derek
More information about the At-Large
mailing list