Hacker News new | ask | show | jobs
by UncleMeat 117 days ago
Friction does matter. Yes, criminals will create fake accounts with stolen IDs and stolen credit cards. But creating 1,000s of these is hard. Creating polymorphic banking trojans is simple.

I don't know if this trade off is worth it, but the idea that it won't affect this abuse at all is false.
1 comments
array_key_first 117 days ago
If you can convince someone over the phone to install malware thru a million "don't do this" screens, you can convince them to just give you their login credentials. Which is both easier, cheaper, and, I imagine, more effective.
link
UncleMeat 117 days ago
And yet, criminals create banking trojans at scale. They wouldn't do this if it was more effective to always do traditional phishing.
link
array_key_first 116 days ago
Well they do both, and as I said I imagine most phishing is traditional, through the phone or email. Casting a wide net is just good business, but simply eradicating malware won't make phishing no longer possible.

And I'm being extremely generous here, because this won't erradicate malware. It will make a specific subset of malware harder to distribute. I imagine most malware is distributed through the play store, and naturally that will be unaffected.

link