Re: [exim] Anti Phishing ACL

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Ian Eiloart
Date:  
À: W B Hacker, exim users
Sujet: Re: [exim] Anti Phishing ACL


--On 31 October 2008 00:02:30 +0800 W B Hacker <wbh@???> wrote:

> neil wrote:
>> Ian Eiloart wrote:
>>> That's useful. It's shocking that most of these banks haven't
>>> implemented SPF. I guess that an SPF check before using your snippet
>>> might help. I've checked to see which on your list do implement SPF -
>>> at
>>> <http://www.kitterman.com/spf/validate.html>. Of course, none of this
>>> helps if the phishers don't use these domains!
>>>
>> I have tried in the past to contact banks and ask about SPF, DKIM etc,
>> but I have had no reply.
>> Its almost as if they welcome fraud ;-)
>
> Not so...
>
> Nearly all banks, brokerages, credit-card issuers, mortgage and
> insurance firms run a 'private' message system for online customers
> within their own logged-in system.
>
> The ONLY email they send is either advertising/promotional, OR a
> 'heads-up' for you to log-in and view a waiting message on THEIR system.
>
> It is the second one that the 'Phishermen' try to emulate.


And, that's the class of spam that this is attempting to deal with.

> But anyone who clicks on a URI in a message - even the most valid of
> them - is making a serious mistake.


Yes, but people do. Phone someone now, and ask them for the credentials to
log in to their bank. 99% will give you the details, according to a call
bank centre manager that I spoke to.

> What the 'wise' do is go off to their own known-good URI and login
> independently.
>
> At this point, the better financial houses have trained their customers
> to expect a chosen user-specific graphic and/or engage in a
> challenge-response session randomly selected from a previously agreed
> set of many such.
>
> If asked your 'favorite color' and the expected answer stored in their
> DB is: 'Six helicopters' you are pretty safe. No more easily retrieved
> 'Mother's maiden name'.
>
> Sae is relative.
>
> Up until someone looks over your shoulder long enough with good optics,
> anyway.



> But most financial houses are now doing a better job of securing their
> online transactions than they have done of making sound investments.....
>
> In a sense, if you've been reading the news, the fraud that hurt the
> most was an 'inside job', not over the internet.
>
> :-(
>
> Bill
>
>
>>
>> Yes I know that SPF etc breaks stuff <cue furious debate about
>> forwarding>, but I would have though that in the few cases where people
>> set up deliberate forwarding they could whitelist, versus the millions
>> of phishing mails sent each day.
>>
>> Rgds
>> n
>>




--
Ian Eiloart
IT Services, University of Sussex
x3148