← Back to context

Comment by array_key_first

4 months ago

If you can convince someone over the phone to install malware thru a million "don't do this" screens, you can convince them to just give you their login credentials. Which is both easier, cheaper, and, I imagine, more effective.

And yet, criminals create banking trojans at scale. They wouldn't do this if it was more effective to always do traditional phishing.

  • Well they do both, and as I said I imagine most phishing is traditional, through the phone or email. Casting a wide net is just good business, but simply eradicating malware won't make phishing no longer possible.

    And I'm being extremely generous here, because this won't erradicate malware. It will make a specific subset of malware harder to distribute. I imagine most malware is distributed through the play store, and naturally that will be unaffected.