Fraud and Phishing detection

Julian Field mailscanner at ecs.soton.ac.uk
Wed Aug 16 20:28:29 IST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

See www.phishingnet.info, it will give you an introductory idea of what 
goes on. I will try to update it at some point in the near future.	

DAve wrote:
> Michele Neylon:: Blacknight.ie wrote:
>> DAve wrote:
>>> I have looked through the wiki and the website. I found
>>> http://www.mailscanner.info/support.html#phishing but nothing more.
>>>
>>> Can anyone tell the rules/logic used for detecting Fraud and Phishing
>>> attempts in a message? Or is this a read the source moment?
>>>
>>> Thanks,
>>>
>>> DAve
>> If you enable it and watch what it does to a phishing email it'll make
>> more sense :)
>>
> 
> I did, and I have. But I only get to see the page *after* MS has 
> disabled it.
> 
> I have clients asking "Why?". They are not complaining, just asking how 
> it works, they are glad we are disabling suspected fraud. I would like 
> to say what the system is looking for and provide a valid example in 
> before and after states.
> 
> The bottom line, it works, and works well. But I don't want to sound 
> stooopid because I can't explain how it works with confidence.
> 
> DAve
> 

- -- 
Julian Field
www.MailScanner.info
Buy the MailScanner book at www.MailScanner.info/store

MailScanner customisation, or any advanced system administration help?
Contact me at Jules at MailScanner.biz

PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
For all your IT requirements visit www.transtec.co.uk

-----BEGIN PGP SIGNATURE-----
Version: PGP SDK 3.7.0
Charset: ISO-8859-1

wj8DBQFE43HhEfZZRxQVtlQRAnL6AKCU2ijbZbbepdxmKKdcIan0pG4S+gCfV4Ks
YIBRPBNjcHHkqaIJtI6SnzM=
=bFZf
-----END PGP SIGNATURE-----

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
For all your IT requirements visit www.transtec.co.uk



More information about the MailScanner mailing list