Back to list
Phishing - feature or flaw
Jun 24 2005 10:38PM
Secure Science Corporation Bugtraq (bugtraq securescience net)
Phishing Solutions (was: Phishing - feature or flaw)
Jun 27 2005 11:56AM
Chris Brenton (cbrenton chrisbrenton org)
On Fri, 2005-06-24 at 18:38, Secure Science Corporation Bugtraq wrote:
> Are these really features, or are they flaws now because of the phishing
> can do a lot of nasty stuff if someone were inclined. But phishing has
> caused us to take a look at the once dubbed features of DHTML, and
> possibly put responsibility onto the browser vendors for fixing these
> now dubbed "flaws".
Regarding fixes, I'm curious what people are doing to solve this
problem. Attacking it at the browser level is not exactly efficient,
especially if you have a large network.
Personally, I've been messing around with MailScanner and I'm pretty
impressed with its ability to detect and neutralize phishing attacks.
Jun 25 04:09:49 mail MailScanner:
Jun 25 07:47:18 mail MailScanner: Found ip-based phishing fraud
from 220.127.116.11 in j5PBlCed008230
Jun 25 09:54:45 mail MailScanner: Found phishing fraud from
mail.yahoo.com claiming to be www.yahoo.com in j5PDsaTH009054
Jun 25 14:13:38 mail MailScanner: Found phishing fraud from
webserver.osdepym.com.ar claiming to be www.paypal.com in j5PIDRkJ010804
Obviously the Yahoo entry is a false positive, but you can simply add it
to a white list to keep it from being flagged in the future. Once
detected, you can delete the e-mail, neutralize the URL and pass it
through with a warning banner, ignore it, or what ever you want. Pretty
Just curious if others have run across similar solutions out there and
whether you think they are effective or not.
[ reply ]
Copyright 2010, SecurityFocus