>> OT but related >> >> I just got a bunch of phishing attacks against a bank come through. >> Following the link leads me to some owned website with the fake bank >> frontend - and it had a feature that I've seen time and time again: >> images and links from the real banksite >> >> Why don't banks rub two braincells together and start monitoring the >> referrers on their primary webpages (eg logos, terms and conditions) and >> return a "RUN AWAY!!! IT'S A TRAP!!!" page whenever someone views the >> phishing sites? The Referrer header would allow that instantly >> >> They really don't give a damn do they... >>
Hi Jason, a) phishers would probably move to hosting their own copies of the logos b) some users of image resizers would see the warning sign reduced (I recently had someone complain about an error on our google maps "our office is here" page, and it turned out the visitor was using a smartphone via an image resize service) Regards Wolfgang
