Phishing & BotNets
explaining phishing to a naive user Jan 24 2007 05:43AM
Saeed Abu Nimeh (drellman hotmail com) (5 replies)
Re: explaining phishing to a naive user Feb 14 2007 09:44AM
Lionel Ferette (lionel ferette belnet be)
Re: explaining phishing to a naive user Feb 11 2007 11:27AM
Isaac Perez Moncho (suscripcions tsolucio com)
Re: explaining phishing to a naive user Jan 25 2007 10:24AM
Ivan Markovic (ivanm net gmail com)
Re: explaining phishing to a naive user Jan 25 2007 02:06AM
Carl Jongsma (info skiifwrald com)
Hello Saeed,

The simplest (and most accurate) means of explaining phishing
to all user levels is as follows:

- 'Is the email asking me to supply any information that is
confidential, personally sensitive, financially sensitive, could
allow someone to access financial / service accounts; or is it asking
me to follow a link and do the same?' If so, then it is more than
likely a phishing attempt.

Anything else will only confuse the user and does not need to be
processed to identify a phishing email (it will help identify
messages that someone with more experience should look at). A
cursory sample of spam / phishing attempts that hits just one of my
mailboxes throws up several cases which would defeat even the short
list that you supplied.

On 24/01/2007, at 4:13 PM, Saeed Abu Nimeh wrote:

> Hi All,
> If I want to explain email phishing to a set of users (novice,
> intermediate, and expert), can I summarize --let us say-- a list of 100
> questions that a user answers gradually to find if this email is
> phishing or not? Examples of questions I can think of:
> - does the email contain HTML
> - does the email contain JavaScript
> - is there a mismatch between the URL displayed in the email and the
> source link <a href>
> - does the email contain misspellings
> - does the email contain an open greeting (i.e. "dear customer"
> instead of "dear j smith"), etc.
> I was thinking of summarizing a couple of hundred questions (or fewer)
> targeted to novice, intermediate and expert users. I have around 20
> things in mind, however I was hoping to get more.
> Thanks,
> Saeed
> p.s. of course answering one question by itself will not lead to the
> conclusion that this email is phishing. For example: the email
> containing HTML does not mean it is automatically phishing


Carl Jongsma
info (at) beskerming (dot) com [email concealed]
Sûnnet Beskerming Pty. Ltd.
Adelaide, Australia
Tel: 0410 707 444 / 08 8283 1154

Jongsma & Jongsma Pty. Ltd.

Established in mid 2004, Jongsma & Jongsma Pty. Ltd. is a pure
Research and Development company focussing on advanced software and
hardware concepts. Since inception, Jongsma & Jongsma Pty. Ltd. has
already developed software tools for advanced user and security
management in web applications, complete data protection, and
effective phishing defences for financial companies.

Sûnnet Beskerming Pty. Ltd.

Established in mid 2004, Sûnnet Beskerming Pty. Ltd. is the sister
company to Jongsma & Jongsma Pty. Ltd., and was formed to develop and
commercialise the research coming out of Jongsma & Jongsma Pty. Ltd..
Sûnnet Beskerming Pty. Ltd. is an Information Security specialist
and, in conjunction with the tools developed by Jongsma & Jongsma
Pty. Ltd., provides total security solutions and services, from the
perimeter to internal data stores, including web application security
and security testing and analysis.

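The checklist quoted in the original post (HTML body, script content, a mismatch between the displayed URL and the real href, a generic greeting, a request for credentials) can be mechanised so that one weak signal never decides on its own, which is the point of the poster's postscript. The script below is an added example written for this page; it is not code from either poster or from Sûnnet Beskerming. The indicator names, their weights, the threshold and the two sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import urlparse

# Weights and threshold are assumptions for illustration: a single weak
# indicator (HTML alone) never crosses the line, as the poster notes.
WEIGHTS = {"html_body": 1, "script_in_html": 3, "url_mismatch": 4,
           "generic_greeting": 2, "asks_for_credentials": 3}
SUSPICIOUS_THRESHOLD = 6
CREDENTIAL_PHRASES = ("password", "pin", "account number", "card number",
                      "verify your account")
GENERIC_GREETINGS = ("dear customer", "dear user", "dear member", "dear valued")
# Visible link text a recipient would read as a URL (scheme, www., or host/path).
URL_TEXT = re.compile(r"^\s*(?:[a-z][a-z0-9+.-]*://|www\.|[\w.-]+\.[a-z]{2,}(?:[/:]|\s*$))", re.I)


class _LinkCollector(HTMLParser):
    """Record [href, visible text] for every <a> and count <script> elements."""
    def __init__(self):
        super().__init__()
        self.links, self.scripts, self._in_anchor = [], 0, False
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.links.append([dict(attrs).get("href") or "", ""])
            self._in_anchor = True
        elif tag == "script":
            self.scripts += 1
    def handle_endtag(self, tag):
        if tag == "a":
            self._in_anchor = False
    def handle_data(self, data):
        if self._in_anchor and self.links:
            self.links[-1][1] += data


def host_of(text):
    """Lower-cased host of a URL-looking string ('' if it has none)."""
    text = text.strip()
    if not re.match(r"^[a-z][a-z0-9+.-]*://", text, re.I):
        text = "http://" + text              # urlparse needs a scheme to see the host
    return (urlparse(text).hostname or "").lower()


def analyze(raw_message):
    """Run the checklist over a raw RFC 5322 message; return indicators, score, verdict."""
    indicators, text = [], ""

    def hit(name):                           # record each indicator once
        if name not in indicators:
            indicators.append(name)

    for part in message_from_string(raw_message).walk():
        if part.get_content_maintype() != "text":
            continue
        raw = part.get_payload(decode=True) or b""
        body = raw.decode(part.get_content_charset() or "utf-8", errors="replace")
        if part.get_content_type() == "text/html":
            hit("html_body")
            links = _LinkCollector()
            links.feed(body)
            if links.scripts:
                hit("script_in_html")
            for href, visible in links.links:
                # the URL the user sees versus the host the <a href> really goes to
                if URL_TEXT.match(visible) and host_of(visible) != host_of(href):
                    hit("url_mismatch")
            body = re.sub(r"<[^>]+>", " ", body)   # crude tag strip for the text checks
        text += body.lower()
    if any(g in text for g in GENERIC_GREETINGS):
        hit("generic_greeting")
    if any(re.search(r"\b%s\b" % re.escape(p), text) for p in CREDENTIAL_PHRASES):
        hit("asks_for_credentials")
    score = sum(WEIGHTS[i] for i in indicators)
    return {"indicators": indicators, "score": score,
            "suspicious": score >= SUSPICIOUS_THRESHOLD}


# Constructed sample messages (not real mail); hosts use reserved example domains.
PHISH_SAMPLE = """\
From: "Example Bank Security" <alerts@example-bank.com.example.net>
To: jsmith@example.org
Subject: Urgent: verify your account
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"

<html><body><p>Dear Customer,</p>
<p>We detected unusual activity. Please verify your account and confirm
your password within 24 hours.</p>
<p><a href="http://example-bank.com.example.net/verify">https://www.example-bank.com/verify</a></p>
<script>document.location="http://example-bank.com.example.net/x"</script>
</body></html>
"""

BENIGN_SAMPLE = """\
From: Jane Doe <jane@example.org>
To: John Smith <jsmith@example.org>
Subject: Lunch tomorrow?
Content-Type: text/plain; charset="utf-8"

Hi John,

Are you free for lunch tomorrow at noon? The usual place.

Jane
"""
```

`analyze(PHISH_SAMPLE)` fires all five indicators (score 13), while `analyze(BENIGN_SAMPLE)` fires none. Two caveats a practitioner would add: the host comparison is strict, so a legitimate `www.example-bank.com` link shown as `example-bank.com` also counts as a mismatch (compare registrable domains against a public-suffix list in production), and the keyword checks are easily defeated by images or spelling tricks, which is why the list is a triage aid and not the single question Carl proposes above.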
Re: explaining phishing to a naive user Jan 25 2007 01:10AM
Radu Oprisan (radu securesystems ro)


Copyright 2010, SecurityFocus