[registrars] WG: [council] Fast Flux DNS
John Berryhill
john at johnberryhill.com
Mon Mar 17 13:24:52 UTC 2008
> I have not received
> one using a gTLD domain name for at least weeks, probably months.
People who are reading HTML email wrongly assume that because they see a URL
in the anchor text for a hyperlink, that a domain name is being used when,
most of the time, it is simply presenting that text as a link to an IP
address.
Aside from consumer education, instead of charging $50 per year for ID Theft
Protection, and thus making crime a profit center, financial institutions
can take relatively simple measures to reduce phishing. Bank of America is
one of the more enlightened institutions in that regard - instead of having
a login/password screen, the login process is a dialog that presents a
pre-selected image and text to the user after presentation of the login ID,
and THEN presents a password entry prompt. Hence, the user knows whether or
not they are looking at a genuine BoA login dialog.
It's a lot cheaper, though, to charge your own customers for ID theft
protection, offload security costs onto regulated groups, and then pretend
one has done something about ID theft.
John
More information about the registrars
mailing list