I think this particular tactic will be short lived, that is email solicitation, voip capture of the credentials. It will take some time to get the first sites shut down but it won't take long to get a process set up. Telephone service is heavily regulated and there will be some to-ing anf fro-ing with writs at first.
There is a very small number of VOIP providers relative to ISPs though. In a very short time there will be a well understood process in place.
My big fear is what will happen when the solicitation goes out via VOIP. That is going to be easy to shut down once discovered but much harder to discover. We will have to rely on individual consumers contacting us to report the attacks. That is going to be hard to set up.
Wednesday, June 28, 2006