My IT Sec professor told us about a project he one had. It was a website mimicking an online banking website. He wanted to demonstrate how a phishing attack would look. He made sure to clearly state on the site that this was not, in fact, an online banking website.
Still people would enter their real banking credentials and he was forced to take it down.
I tell this story from memory. It may be off in the details.
My IT Sec professor told us about a project he one had. It was a website mimicking an online banking website. He wanted to demonstrate how a phishing attack would look. He made sure to clearly state on the site that this was not, in fact, an online banking website.
Still people would enter their real banking credentials and he was forced to take it down.
I tell this story from memory. It may be off in the details.