by vimax 1870 days ago
This scam presented a fake NSL to the registrar so even a premium registrar wouldn't help.

Multiple domains through multiple registrars seems like the only workaround.

You could establish 3 domains for a user to recognize: application.com, application-login.com, and application-announcements.com

Users know to go to the login domain, and know to verify they are sent to application.com.

Users know that all announcements appearing on the login or application domain would also be posted to the announcement domain for verification.

On the login domain you would only enter a username and then be forwarded to a password page on the application domain.

An attacker would have to take control of 2 domains to get your password, and all 3 to intercept payments.