[cryptography] wont CA hackers CA pin also? and other musings (Re: PKI "fixes" that don't fix PKI (part III))

Andy Steingruebl andy at steingruebl.com
Sat Sep 10 17:06:01 EDT 2011


On Sat, Sep 10, 2011 at 11:46 AM, Ian G <iang at iang.org> wrote:
>
>>  2) Phishing using a similar-looking domain name.
>
> Yes. That's the big one in this space. Afaik.

I'd be surprised actually.  Most phishing sites are mass-compromises
of other websites, or mass-hosting on funky names/addresses, often
nothing like the site being phished. Look-alike isn't the dominant
trend these days, though I'll try to pull some phishtank stats to show
it.


- Andy



More information about the cryptography mailing list