how can I stop citibank phishing

Steve Swaney Steve.Swaney at FSL.COM
Mon Oct 4 23:54:42 IST 2004


> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
> Behalf Of Robin M.
> Sent: Monday, October 04, 2004 6:25 PM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: how can I stop citibank phishing
>
> On Mon, 4 Oct 2004, Michele Neylon : Blacknight Solutions wrote:
> > On Mon, 2004-10-04 at 17:44 -0400, Robin M. wrote:
> > > What are people doing to stop citibank phishing.
> > >
> > > I am seeing a lot of citibank phishing mail getting through, and it turns
> > > up in people's mailboxes who are not listed as recipients.
> > >
> > > What are people doing to stop this.
> >
> > Have you looked at any of the SA custom rules?
>
> yeah I am using the rulesdujour suite with most of the rule-sets.
>

<Start Rant>

At the risk of sounding defeatist, it's difficult to protect your users
against all of the possible scams on the internet. A lot of the phishing
scams depend on speed. I know of a site that was just recently compromised
to act as an unwitting conduit for the usernames and passwords in a recent
phishing scam. It wasn't long until the scheme was discovered and stopped
but thousands of login/passwords were compromised in a very short period of
time.

How did the compromise occur? Can you Spell STr0ngP1ssw0rdS :(

While Julian, the SpamAssassin team, the SURBL crew and many others in the
Open Source community are providing us with some very good defenses, you can
be sure that some of these phishing scams will slip through.

As a result we are taking some additional steps and recommending to our
customers that they do the same.

1. We are sending out a monthly reminder to never, ever respond to an email that
requests you click on a link to verify ANYTHING that is requested in an
email. They should forward such emails to the help desk where we will deal
with them.

2. We will vary the message monthly and make it as readable as possible so
it does get read.

You need to be repetitive with this message because every month there are
newbies in our user core who are not sophisticated enough to know of these
dangers. These are the people who fill in the usernames / passwords.

Will this solve the problem? No. There needs to be:

1. Better publicity in all of the media regarding this type of fraud.
2. Better international enforcement to stop and prosecute Internet fraud
3. Quicker ways of early detection and cutting off access to the fraud
conduit sites.

The financial institutions need to participate with the law enforcement and
Internet community in addressing items 1-3 above. Unfortunately the trend
has been for financial institutions to publicly ignore fraud and cover up
break ins and theft.

And until they do, you and I will face higher fees to cover their losses due
to scams and fraud.

<End Rant>

This is obviously a sore subject with me but not really a topic for the MS list
so feel free to send flames or comments to steve at fsl.com.

Thanks for listening,

Steve

Steve Swaney
President
Fortress Systems Ltd.
www.fsl.com
steve.swaney at fsl.com


