Quote:
Originally Posted by rryles
You're correct that some data needs to be sent "unscrambled" to set the connection up. However this isn't enough information to decide if the connection should be flagged as a phishing attempt. Webwise will only see the ip address, port and possibly the domain name of the site you are visiting. There are types of attack where this data will be for a completely legit site so will appear OK.
The URL is not sent until the encrypted connection has been set up.
|
It just seems odd that something sitting at the ISP level would not be able to say https:\\aphishsite.com or https\\xxx.xxx.xxx.xxx when requested is a phishing site on their list (disregarding for the moment how complete that list is)
I confess to not knowing enough in this area though!
Hank