For over a decade I have been back and forth on this particular issue.

It started out as instructing our users to not open attachments from email senders you don't know.

Then it was don't go to sites from email senders you don't know.

Then it was don't even OPEN email from senders you don't know.

Now its don't OPEN email from people in our own domain..

As the "FROM:" field gets spoofed more and we encounter the latest attempts (I have seen some from our own domain with names like TechSupport) We can only lay so much blame on our users. The rules keep changing.

Our email content filters, AV and Firewall software updates (almost) every night.

But ask yourself this: Do we have the same issues with OpenSource OS's? With MAC OS?

Would there be a market, need or staff of security people if these problems did NOT exist in the MS world?


[ reply ]

Link to this comment: http://www.securityfocus.com/comments/columns/236/25996#25996