Phishing & BotNets
phishing attack May 01 2006 03:56AM
anon sumfin de (1 replies)
RE: phishing attack May 01 2006 09:38PM
AJ Rembert (ajrembert stny rr com) (2 replies)
RE: phishing attack May 02 2006 01:29PM
David Dominick (dominickda corp earthlink net)
Re: phishing attack May 02 2006 03:11AM
Jason Ross (algorythm gmail com)
On 5/1/06, AJ Rembert <ajrembert (at) stny.rr (dot) com> wrote:
> Good question, one thing you can do through phishing detecting
> software is, notice, the form is hosted on a different location than a)
> other links and b) images.

With this in mind, I wonder why it is that in discussions of the
phishing problem I rarely see it mentioned (or even suggested) that
simply viewing email in plain text format would go a long way to
contain the threat.

It seems to me that doing this has at least the following advantages:

1. It removes the deceptive "look alike" trap of phishing emails. A
plain text email with a bunch of html code in it is certainly not
going to fool an end user into thinking it's <Financial-Institution>

2. Should #1 fail, a target has to manually copy/paste the link
into their browser to navigate to the phishing site

3. Savvy users (read: folks that can navigate a bunch of html code)
will be able to see that the links are going to random sites, rather
than to <Financial-Institution>

I understand that corporate execs/marketing/whatever enjoy the
benefits of having their bulleted lists and such, and on the other
end, 'joe user' likes having their silly animations and whatnot
(though I guess my POV is intended more for a corp. side of things).
In spite of that however, I am honestly surprised that this tactic
isn't presented in the discussion of what to do about phishing more
often.

It's quite likely that I'm missing something obvious (I have a knack
for doing so), but the more I deal with phishing, the more I believe
that this simple change would save everyone a whole lot of time and
money. (Preaching to the choir here I'm sure, it's just been on my
mind a bit of late)

--
Jason Ross
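
Added example (not part of the original thread, and not either poster's code): a Python sketch of the check the quoted message describes, flagging a form hosted on a different location than the message's links and images, plus what the plain-text view exposes, the visible URL text beside the real link target. The sample body, its hostnames and address, and the names host, MailHosts and analyse are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

def host(url):
    try:
        return (urlsplit(url).hostname or "").lower()
    except ValueError:          # malformed bracketed host
        return ""

class MailHosts(HTMLParser):
    def __init__(self):
        super().__init__()
        self.forms, self.refs = set(), set()   # form targets; link/image hosts
        self.links = []                        # (visible text, href) pairs
        self._href, self._text = None, []

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form" and a.get("action"):
            self.forms.add(host(a["action"]))
        elif tag == "img" and a.get("src"):
            self.refs.add(host(a["src"]))
        elif tag == "a" and a.get("href"):
            self._href, self._text = a["href"], []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self.refs.add(host(self._href))
            self._href = None

def analyse(html):
    p = MailHosts()
    p.feed(html)
    p.close()
    # Check from the quoted message: form hosted away from links and images.
    odd_forms = sorted(h for h in p.forms if h and h not in p.refs)
    # What plain-text viewing exposes: visible URL text vs. the real target.
    lookalikes = [(t, h) for t, h in p.links if "." in t and " " not in t
                  and host(t if "//" in t else "//" + t) != host(h)]
    return odd_forms, lookalikes

# Constructed sample body; every hostname and address is a placeholder.
SAMPLE = """<img src="https://www.bank.example.test/logo.gif">
<a href="http://203.0.113.7/verify">https://www.bank.example.test/login</a>
<a href="https://www.bank.example.test/privacy">Privacy policy</a>
<form action="http://collect.example.invalid/post.php"><input name="account"></form>"""
```

The form check only fires when the form's host appears nowhere among the links and images, so a message whose links already point at the same host as its form passes it; the visible-text comparison catches that case only when the link text is itself written as a URL or hostname.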

Copyright 2010, SecurityFocus