dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
20

Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

1 edit

Name Game to Snowy

Premium Member

to Snowy

Re: Using the HTML5 Fullscreen API for Phishing Attacks

"Because after analyzing tens of thousands of phish campaigns from start to finish I've never seen a 1% return rate or anything even close to 1% which makes any discussion of 10% irresponsible."

Now put that in real words..not just your % thingie..what is "return rate" and tell us about "tens of thousand"..and define what you mean by "campaigns"..and I am not trying to pull your chain..but since you used that to make a statement that you thought the authors 10% was wrong and he knew nothing about phish...I have no idea what you are talking about..and I still think at least 10% and maybe more of the peeps that saw a real exploit like the one he just did this POC (proof of concept)..would be clicking away.

Snowy
Lock him up!!!
Premium Member
join:2003-04-05
Kailua, HI

Snowy

Premium Member

said by Name Game:

Now put that in real words..

You have a funny way of saying that you are unable to find any reference whatsoever to a 10% success rate on phish content.
Zero, zippo, nada, nothing.
The difference between you & I that is creating conflict is that while I accept that I'll make a mistake you'll just try to BS your way out.
Good luck Mr. Perfection!, that's a heavy but unnecessary load to carry.
I'm done with this thread, I'm conceding that your BS is superior to my tolerance for same.

Edit to add: Your Praetorian example was not an "in the wild" event but a controlled study. Get real, as in real events.

Name Game
Premium Member
join:2002-07-07
Grand Rapids, MI

1 edit

Name Game

Premium Member

Your musings over for me..you mix apple with oranges and you get bananas...but feel free to make a comment at his site like others have done..

»feross.org/html5-fullscr ··· -attack/

And tell him why he is irresponsible in saying ..

Humans are terrible at spotting subtle changes

If this attack were used in the wild, I bet at least 10% of web users would get phished (probably many more).

and doesn't speak well to his knowledge of phishing.

"Because (you) after analyzing tens of thousands of phish campaigns from start to finish I've never seen a 1% return rate or anything even close to 1% which makes any discussion of 10% irresponsible."

I think he will respond to you.
There is already 127 comment
»news.ycombinator.com/ite ··· =4629906

»news.ycombinator.com/ite ··· =4630156