Better than that, consider this eventuality:
Simply possessing legally prescribed Vicodin, Ritalin while holding illegal Marijuana, while sitting in one's car, combined with an energetic police force and a determined prosecutor, can end up with oneself sitting in jail for two years.
Imagine this same prosecutor looking at someone with a collection of legally acquired DVDs and a computer with a DVD burner. Using the same logic, that would be possession with intent to violate copyrights.
My guess is that you weren't simple enough for them.
"How can I determine that your email is legitimate and is not a spoof email that looks like yours but steals my password?"
Sure, their emails are secure. That's not what we're worried about. What concerns us is that bad people can make emails look and work just like good emails from Schwab - and steal your money. And THAT's what they're not getting.
No wonder they're having problems and laying off people...
What's the one thing that all the phishes have in common?
They rely on the graphics from the original site - those that do not change. If you inspect the code of these emails, most of the links are to the legitimate site, pointing to graphics that the targetted company uses themselves.
The company doesn't change the graphics, the phishes are relatively immortal.
What would happen if the images were renamed, say, weekly? Well, the phishes could break because the links would point to defunct image names.
But instead of merely breaking them, how about putting them to work? Turning the email themselves into warnings?
Rename the old graphics with new graphic names AND put new graphics in their place that work together to create stark, colorful warnings that tell people, without a doubt, that 'this email is bogus - forward it to 'spoof@.com and delete it quickly!'.
There are technical issues to work out - like how a weekly name change can eventually make for a lot of old graphics sitting around. Obviously, legitimate emails would 'expire' after a week, too - and unless there was some means for them to be aware of the name changes, the emails would start looking like phishes.
But the idea is that phishing wouldn't be able to use the company images as bait.
Then again, I can see how Diebold could have hired the one who had committed sophisticated computer crime -specifically- for those talents. IOW, in order to use them for their own, nefarious purposes.
His job may well be not to improve security, but to find ways to defeat public scrutiny and accountability?
Paranoid? Heck yeah. Anyone who =isn't= paranoid about this stuff is a fool.
Slashdot Mirror
Better than that, consider this eventuality: Simply possessing legally prescribed Vicodin, Ritalin while holding illegal Marijuana, while sitting in one's car, combined with an energetic police force and a determined prosecutor, can end up with oneself sitting in jail for two years. Imagine this same prosecutor looking at someone with a collection of legally acquired DVDs and a computer with a DVD burner. Using the same logic, that would be possession with intent to violate copyrights.
My guess is that you weren't simple enough for them. "How can I determine that your email is legitimate and is not a spoof email that looks like yours but steals my password?" Sure, their emails are secure. That's not what we're worried about. What concerns us is that bad people can make emails look and work just like good emails from Schwab - and steal your money. And THAT's what they're not getting. No wonder they're having problems and laying off people...
What's the one thing that all the phishes have in common?
They rely on the graphics from the original site - those that do not change. If you inspect the code of these emails, most of the links are to the legitimate site, pointing to graphics that the targetted company uses themselves.
The company doesn't change the graphics, the phishes are relatively immortal.
What would happen if the images were renamed, say, weekly? Well, the phishes could break because the links would point to defunct image names.
But instead of merely breaking them, how about putting them to work? Turning the email themselves into warnings?
Rename the old graphics with new graphic names AND put new graphics in their place that work together to create stark, colorful warnings that tell people, without a doubt, that 'this email is bogus - forward it to 'spoof@.com and delete it quickly!'.
There are technical issues to work out - like how a weekly name change can eventually make for a lot of old graphics sitting around. Obviously, legitimate emails would 'expire' after a week, too - and unless there was some means for them to be aware of the name changes, the emails would start looking like phishes.
But the idea is that phishing wouldn't be able to use the company images as bait.
Then again, I can see how Diebold could have hired the one who had committed sophisticated computer crime -specifically- for those talents. IOW, in order to use them for their own, nefarious purposes. His job may well be not to improve security, but to find ways to defeat public scrutiny and accountability? Paranoid? Heck yeah. Anyone who =isn't= paranoid about this stuff is a fool.