Re: [exim] Anti Phishing ACL

Author: W B Hacker
Date:  
To: exim users
Subject: Re: [exim] Anti Phishing ACL
neil wrote:
> Ian Eiloart wrote:
>> That's useful. It's shocking that most of these banks haven't implemented
>> SPF. I guess that an SPF check before using your snippet might help. I've
>> checked to see which on your list do implement SPF - at
>> <http://www.kitterman.com/spf/validate.html>. Of course, none of this helps
>> if the phishers don't use these domains!
>>
> I have tried in the past to contact banks and ask about SPF, DKIM etc,
> but I have had no reply.
> It's almost as if they welcome fraud ;-)


Not so...

Nearly all banks, brokerages, credit-card issuers, mortgage and
insurance firms run a 'private' message system for online customers
within their own logged-in system.

The ONLY email they send is either advertising/promotional, OR a
'heads-up' for you to log-in and view a waiting message on THEIR system.

It is the second one that the 'Phishermen' try to emulate.

But anyone who clicks on a URI in a message - even the most valid of
them - is making a serious mistake.

What the 'wise' do is go off to their own known-good URI and login
independently.

At this point, the better financial houses have trained their customers
to expect a chosen user-specific graphic and/or engage in a
challenge-response session randomly selected from a previously agreed
set of many such.

If asked your 'favorite color' and the expected answer stored in their
DB is: 'Six helicopters' you are pretty safe. No more easily retrieved
'Mother's maiden name'.

Safe is relative.

Up until someone looks over your shoulder long enough with good optics,
anyway.

But most financial houses are now doing a better job of securing their
online transactions than they have done of making sound investments.....

In a sense, if you've been reading the news, the fraud that hurt the
most was an 'inside job', not over the internet.

:-(

Bill


>
> Yes I know that SPF etc breaks stuff <cue furious debate about
> forwarding>, but I would have thought that in the few cases where people
> set up deliberate forwarding they could whitelist, versus the millions
> of phishing mails sent each day.
>
> Rgds
> n
>
>
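The ordering the thread is circling (exempt the few deliberately configured forwarders, check the SPF verdict, and only then apply the bank-domain match) sketched as an Exim ACL fragment. This is an added example, not the snippet Ian and Neil are discussing and not code from the Exim project; the list names `bank_domains` and `forwarders`, the domains and the addresses in them are constructed placeholders, and it assumes an Exim built with SPF support whose `acl_smtp_rcpt` ACL is named `acl_check_rcpt`.

```exim
# Main configuration section (above "begin acl").
# Both lists are constructed placeholders; fill them from your own
# records, not from this example.
domainlist bank_domains = bank-one.example : bank-two.example
hostlist   forwarders   = 192.0.2.10 : 198.51.100.0/24

begin acl

acl_check_rcpt:

  # Run the SPF check once and keep the verdict in a header, so that
  # later filtering and post-incident review can see what Exim decided.
  # Listing every possible result makes the condition always true.
  warn    spf        = pass:fail:softfail:neutral:none:permerror:temperror
          add_header = X-SPF-Result: $spf_result

  # Reject mail that claims to come from a listed institution but fails
  # SPF.  Hosts in the forwarders list are exempted first, since a
  # deliberately set up forwarder legitimately breaks SPF (the
  # "whitelist the few forwarders" point made above).  The message
  # modifier comes first so it is set before any condition can fail.
  deny    message        = SPF check failed for $sender_address_domain
          !hosts         = +forwarders
          sender_domains = +bank_domains
          spf            = fail

  # ... the site's usual relay-control and accept statements follow ...
```

The fragment belongs near the top of an existing RCPT ACL, before its relay checks and accept statements; it is not a complete ACL on its own. The `deny` stays narrow on purpose: `spf = fail` rejects only a hard fail, so a bank with a `~all` (softfail) record is recorded in the header rather than bounced, which is the safer default until the domain list has been checked against each institution's published SPF policy.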