Fight Phishing - The Perfect Plan

Phishing is a bad thing

I have devised a simple approach to the ever-growing problem of Internet Phishing.

Having worked on the Internet since its birth, I have been keenly aware of this problem; watching it grow in a non-linear fashion in recent years. There are numerous technology solutions; some quite complex and annoying. But this is really not a technology problem. It is a human problem.
We need help, as human beings, in managing our Internet experience.

I have a solution. I ask you to bear with me – understand how this works – and indulge me in giving it a try. Together, we may just revolutionize the safety of the Internet!

Whenever you log into a site, get in to the habit of FIRST entering an incorrect password.
“That sounds ludicrous!”, I hear you shouting. Well think about it this way. Suppose I am logging into my mortgage bank. This is a site I go to barely twice a year. The big banks are also prime targets for Phishing.
The victim of a successful phishing attempt will provide a valid username and associated password – believing she is logging into the bank site – to the criminal. And what’s more disturbing, the victim is completely unaware it even happened!

With my plan to fight Phishing this changes.

If I have correctly arrived at my bank’s site, it will: a. recognize my erroneous entry
b. prompt me to try again
On that second attempt I will successful access my account

If this is a phishing site it will a. gladly accept my first entry – pretending to log me into my bank site – having STOLEN my username and the password I provided. This is because, as a phony site, it does not know my password and cannot detect that my entry was invalid.
b. The phisher has NOT SUCCESSFULLY stolen my login information
c. I am instantly alerted to the fact that something is wrong

Revenge on the bad guys

What’s more noteworthy is that I have provided the phisher useless infromation. He will sell the set of username/passwords collected and, over time, be recognized as a bad source when a large number of them are incorrect.

I think it is a perfect plan! If we all make the committment to inconvenience ourselves just a little there might be a day that phishing is extinct!

Related Post: Make Your P@55w0rd secure