Phishing Education Test Blocked For Phishing 113
An anonymous reader writes "It appears a website called ismycreditcardstolen.com, designed to 'educate users about the dangers of phishing,' has itself been flagged by Firefox as a reported web forgery. The site, which asks visitors to enter their credit card details to 'see if they've been stolen,' takes the hapless visitor to a page warning them about the perils of phishing, giving them advice on how to avoid similar scams and also provides a link to the Anti-Phishing Working Group's website. Or at least it did, until various browsers started blocking it. As the Sunbelt blog post notes, the project was likely doomed to failure, both because of the domain name itself and also because it uses anonymous Whois data, which isn't exactly going to make security people look at it in a positive light. Does anyone out there think this was a good idea? Or will malicious individuals start playing copycat on a public now trained to think sites like this are just 'harmless education?'"
Hmmm... (Score:3, Insightful)
Firefox could still be correct... (Score:1, Insightful)
Re:So, it worked! (Score:2, Insightful)
It was designed to look like a phising site, and it did!
Blocked by the idiots who did a knee-jerk reaction and flagged it as a hostile site. Isn't that spiffy, it got blocked by the very lack-of-awareness idiots who it was trying to assist. Gotta love the irony.
I say leave them to their own devices. The phishers are merely making stupidity more painful. While they intend ill, the overall effect might not be so bad.
Antivirus for Your Brain (Immunization) (Score:5, Insightful)
When we were kids, many of us received immunizations against a host of nasty diseases. The purpose of these vaccines was to expose our immune systems to "fake badness," so that when we were exposed "real badness," the immune system would be pre-primed to deal with it.
Phishing is a problem precisely because most of the email that your average (l)user gets and most of the sites they visit are legitimate, with no badness (of this type) involved. When you've never been exposed to phishing behavior, it's much easier to fall for a scam.
You can run all the "awareness" campaigns you want, but users tend to ignore that sort of stuff, thinking, "right, I get it, but I'm smarter than that."
We need to inoculate users to teach them to be wary. There should be more sites like this out there. Some geared toward credit card data, some geared toward username & password, and others yet for other forms of PII.
Once a user is brought up short a few times by information pages like you see after you hit submit, they will be more cautious on all sites.
Re:Hmmm... (Score:2, Insightful)
Re:Maybe this is an intelligence test or experimen (Score:3, Insightful)
Actually in my experience, in meeting people from all over the world, and visiting many other places, it's not Americans that are dumb. It's most people in general. Stereotypes do fit some people, because they are created from a subset of a culture.
By categorizing Americans as dumb, you therefore categorize the general population of the whole world as dumb. Only approximately 1.5% of the United States population is Native American. The remainder migrated here, and their "American" ancestry spans one to a few dozen generations.