[dix] Some phishing perspective
"Hallam-Baker, Phillip" <pbaker@verisign.com> Thu, 06 July 2006 13:28 UTC
Date: Thu, 6 Jul 2006 06:28:34 -0700
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
To: "Digital Identity Exchange" <dix@ietf.org>
Subject: [dix] Some phishing perspective
There has been some oblique discussion about phishing and MIM attacks. MIM attacks are a concern; in particular, MIM attacks where the end user machine is compromised through a trojan are a very big concern. There is also concern about users typing passwords into entry forms presented by a MIM (classic phishing).

The use of dynamic credentials (One Time Passwords) does not protect against a MIM entry form attack, but it does have a major impact on the criminals. Dynamic credentials can only be used once. That means that there is an upper bound on the fraud loss when phishing takes place, since the number of transactions is limited. It also means that it is much harder to resell the credentials on a dumps market. A carder who buys 10,000 credit card numbers can test them out in a low value transaction such as buying a domain name before they go on to attempt a riskier high value transaction. Dynamic credentials can only be used once; the perp is put at much greater risk.

The other advantage of dynamic credentials is that they are self healing. It is not necessary to reissue the token unless the customer actually lost it.
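The bound the post describes, as an added example that is not part of the original message: a server-side one-time-password verifier (RFC 4226 HOTP is assumed as the dynamic credential; the post does not name one) accepts a phished code when the MIM relays it immediately, then rejects every later reuse, whereas a static password relayed the same way keeps working. The token secret is the RFC 4226 test-vector key and the password is constructed.

```python
import hmac
import hashlib
import struct

# Constructed sample token secret: the RFC 4226 test-vector key, not any real user's key.
SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = (struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF) % (10 ** digits)
    return f"{code:0{digits}d}"


class OtpVerifier:
    """Server side of a dynamic credential: each code is accepted at most once."""

    def __init__(self, secret: bytes, window: int = 5):
        self.secret = secret
        self.window = window        # look-ahead for codes the user skipped on the token
        self.next_counter = 0       # lowest counter value not yet consumed

    def verify(self, code: str) -> bool:
        for c in range(self.next_counter, self.next_counter + self.window):
            if hmac.compare_digest(hotp(self.secret, c), code):
                self.next_counter = c + 1   # burn this counter and every earlier one
                return True
        return False


class StaticPasswordVerifier:
    """Server side of a static credential: the same secret is valid indefinitely."""

    def __init__(self, password: str):
        self.password = password

    def verify(self, code: str) -> bool:
        return hmac.compare_digest(self.password, code)


def phishing_outcome(server, captured: str, resale_attempts: int) -> tuple:
    """Relay the captured credential once (the MIM entry-form case OTP does not stop),
    then try to reuse it `resale_attempts` more times (the resale-on-a-dumps-market case)."""
    first_use = server.verify(captured)
    replays = sum(server.verify(captured) for _ in range(resale_attempts))
    return first_use, replays


def compare(resale_attempts: int = 3) -> dict:
    """Fraudulent uses per captured credential: dynamic is bounded at one, static is not."""
    dynamic = phishing_outcome(OtpVerifier(SECRET), hotp(SECRET, 2), resale_attempts)
    static = phishing_outcome(StaticPasswordVerifier("hunter2"), "hunter2", resale_attempts)
    return {"dynamic": dynamic, "static": static}
```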