On Tue, Apr 15, 2008 at 11:04 AM, Paul Ferguson <fergdawg@netzero.net> wrote:
In fact, we have done just that -- develop a standard boilerplate very similar to what PIRT uses in its notification(s) to the stakeholders in phishing incidents.
The boilerplate is no damned use. PIRT - and you - should be focusing on feedback loops, and that would practically guarantee instant takedown, especially when the notification is sent by trusted parties.
Again, our success rate is somewhere in the 50% neighborhood.
With the larger providers it will get to 100% once you go the feedback loop route. Do ARF, do IODEF etc. You will find it much easier for abuse desks that care to process your reports. You will also find it easier to feed these into nationwide incident response / alert systems like Australia's AISI (google it up, you will like the concept I think) srs