Aaron Rodden: Concerning your article on Phishers Strike PayFlow Merchants: I would argue [against] Kudos to Verisign. The phishing email contained the partner id, merchant id, customer name, company name and contact email address as it is found in Verisign’s database that drives their Payflow website. The phisher was not trying to verify this information. They were trying to get additional info - for example a credit card and social security number from the Verisign Payflow customer. I kept a copy of the phishing website before I reported the incident to Verisign, the FTC, and to Yahoo (the phisher was collecting the form submit to a Yahoo email address). Back to my point, the info in the phishing email isn’t information someone can just gather from the Internet. This is customer data specific to the Verisign customer database and I believe they are covering up a security breach and have actually violated their customer privacy policy; but everyone seemed to miss that.