Monday, November 17, 2008

A vigilante's approach to combat phishing

On occasion I have responded to phishing emails with a visit to their web site using a very well patched and secure browser. In the first name field I enter "I. M." For a last name I use "Notanidiot." The rest of the fields are filled with expletives. While this is more to make me feel like I am doing something because the phishers probably speak a different language, with different expletives, it does beg the question, what if everyone did this?

What if everyone responded to phishing email with bogus information? Perhaps some infosec grad student could create a mail proxy that sees these phishing messages and then sends a reply with a random bank name and random account information. What if the phisher received 10 million responses, instead of one hundred? Would the difficulty in trying to find the one hundred valid accounts out of millions render this type of attack useless? Is this a way we can collectively protect the less informed Internet citizens?

What do you think?
