two quick notes at the start of an insanely busy day:
1. last night mashable reported that a twitter rank was actually a spoof set up to steal people's twitter username/passwords (though it was done to point out the vulnerability first and foremost). drop.io pointed out and started a petition on the same topic months ago
2. this am reading scott heiferman's blog i noted a post about a group that had put together a fake copy of the new york times-- the quote begins 'a web spoof would have been infinitely easier'
why am i briefly noting these things? because they are two quick examples of an increasing slide towards information and access confusion on the web. it is indeed much much harder to spoof the new york times, which has hundreds of qualities (type faces, paper feel, distribution channel, editorial style) which make the real one easy to identify and the fake one much much harder - but it is almost impossible to identify a very very good spoof or ploy on the web. in the physical presence of another person humans use hundreds of characteristics to verify identity, what are you using online? a user name and password - please.
this isn't a new problem - grandma has been sending money to nigerians for 10 years. some tech has evolved to help - ssl. but the war of attrition continues, and it is entering a new phase, where i am sure i, along with everyone else, will get duped by smarter subtler ploys.... because it is really hard to feel the paper quality of a website.