Six Strikes Is The Best Phishing Opportunity Ever

2 min read

Over the last few years, a group of Internet Service Providers, the Motion Picture Association of America, and the Recording Industry of America came together to create a system they are calling Six Strikes. Under this system, anyone can be accused of infringing copyright, and once a person has been accused, they can appeal the accusation for a cost of 35.00 US.

If a person/household/school gets accused six times, they can face a series of penalties, including reduced access to the internet. Ars Technica had a good article on this yesterday, and has some good additional background on the issue.

Regardless of what you think about Six Strikes as corporate policy, however, you have to admit it's a gift to people looking to steal credit card information, and other personal information.

I've included an image of one of the warning notices below (pulled from an Ars Technica post):

Warning notice

Note the button pointing to a login screen, and the text inviting you to log in to your account. Replicating the look and feel of these alerts is a simple task, and editing the text to point to a fake account creation page is equally simple.

And, given that Six Strikes allows "offenders" to contest the charge for 35.00, in this context, a link to a "Contest this Charge" page, complete with a credit card form, would actually make sense.

It's unclear whether this corporate policy masquerading as a legal response will actually do anything to address copyright infringement, but the phishers and identity thieves have been given a gift.

, , ,