| Phishing possibility Leaving aside the bad ramifications of ISPs injecting content (possibly ads) into other websites, I can see great potential in this for Phishing. To use the Google example that was shown in the summary, a Phisher could make a Google clone site (perhaps that even pulled search results from the real Google) but put a "you're going over your bandwidth" message at the top. Include a free offer to up the user's bandwidth. The user, having been accustomed to content being injected by their ISP, assumes that this is legit. Once the user clicks to accept the offer, standard phishing ensues (prompts to enter usernames, passwords, SSNs, etc). The user is then given a "Congrats! You have more bandwidth!" message and the phisher laughs maniacally. |
