Feature Request: Phishing

Roger Jochem roger at RUDNICK.COM.BR
Tue Jan 18 15:38:41 GMT 2005


    [ The following text is in the "iso-8859-1" character set. ]
    [ Your display is set for the "US-ASCII" character set.  ]
    [ Some characters may be displayed incorrectly. ]

I don't understand what you mean with:

"How about we combine these 2 threads that really have the same subject as
well as the same Subject: ?"

----- Original Message -----
From: "Julian Field" <MailScanner at ECS.SOTON.AC.UK>
To: <MAILSCANNER at JISCMAIL.AC.UK>
Sent: Tuesday, January 18, 2005 1:10 PM
Subject: Re: Feature Request: Phishing


> I'm still wary, as you are teaching users it is always safe to click on
> a link in an email address. Short-term that's good, but I'm not so
> convinced about the long-term wisdom of this.
>
> But as an option (particularly as a "default") it would be okay I guess.
>
> How about we combine these 2 threads that really have the same subject
> as well as the same Subject: ?
>
> Roger Jochem wrote:
>
> >But thats the real link...
> >
> >If the e-mail says
> >
> >access www.linux.com and it's a fraud, the <a href> is www.windows.com .
If
> >www.windows.com is removed, the real address (www.linux.com) would be
> >accessible... Or not?
> >
> >----- Original Message -----
> >From: "Julian Field" <MailScanner at ECS.SOTON.AC.UK>
> >To: <MAILSCANNER at JISCMAIL.AC.UK>
> >Sent: Tuesday, January 18, 2005 12:45 PM
> >Subject: Re: Feature Request: Phishing
> >
> >
> >
> >
> >>But the user's mail client will display the address as a link. So you
> >>haven't gained anything much.
> >>
> >>Roger Jochem wrote:
> >>
> >>
> >>
> >>>Even so, the link would disapear, but the address (the real one) don't.
> >>>
> >>>
> >If
> >
> >
> >>>the user really wants to access it, it could be done simply by cutting
> >>>
> >>>
> >and
> >
> >
> >>>pasting the address in the browser...
> >>>
> >>>And would be an option. "Disarm", "Allert", or "No" would be the
> >>>
> >>>
> >options...
> >
> >
> >>>No - Would not look for the frauds
> >>>Allert - Would work like today
> >>>Disarm - Would be the new option
> >>>
> >>>
> >>>
> >>>----- Original Message -----
> >>>From: "Julian Field" <MailScanner at ECS.SOTON.AC.UK>
> >>>To: <MAILSCANNER at JISCMAIL.AC.UK>
> >>>Sent: Tuesday, January 18, 2005 12:03 PM
> >>>Subject: Re: Feature Request: Phishing
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>
> >>>>I purposely didn't do that as there is an inevitable false alarm rate.
I
> >>>>don't even tag the Subject: line. Having a valid (false positive) link
> >>>>removed would annoy my users very quickly!
> >>>>
> >>>>Roger Jochem wrote:
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>>I'd would like to have a way of "disarming" phishing frauds from the
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>e-mail
> >>>
> >>>
> >>>
> >>>
> >>>>>instead of warning the user about it.  Could it be done? Something
like
> >>>>>removing the <a href...> from the e-mail, disabling the fraud. Even
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>warning
> >>>
> >>>
> >>>
> >>>
> >>>>>my users, some of them open the link. Maybe because they're curious
> >>>>>
> >>>>>
> >about
> >
> >
> >>>>>it... Is it possible?
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> >>>>>
> --
> Julian Field
> www.MailScanner.info
> Buy the MailScanner book at www.MailScanner.info/store
>
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list