Re: [Asrg] Re: White/black lists
On 9 Dec 2005 at 11:35, gep2 at terabites.com wrote:
> Most users, by default would not need to enable executable attachments coming
> from ANYBODY AT ALL. The result of that fairly simple rule would all by itself
> very nearly eliminate E-mail as a vector for distribution of worms and viruses
> (at least, arriving in attachments!).

The virus-laden emails I've seen lately have packaged their payload in a
ZIP file rather than an executable, and have relied on social engineering
to get their targets to open the zip file and execute the contents.

> Eliminating HTML in E-mails from unknown/untrusted senders would force most
> "phishing" spams out into the open by making it harder to hide misrepresented
> URLs... by eliminating cases where a link looks one way but actually "under the
> covers" goes to some rogue server in Romania or the like.

A simple re-coding of mail clients could detect the majority of these URL
mismatches -- when a link in an email is clicked, check the link's
visible text; if it looks like a URL, then compare it to the link's
anchor URL. If they're the same, then everything's okay. Otherwise, pop
up a warning that tells the user that the URL may be a phish.

I know of one mail client that is doing this at present. It really
wouldn't be difficult to do in the others, and would frustrate the
phishers to no end.

Cheers
GRB
--
===========================================================
Greg R. Broderick
gregb at blackholio.dyndns.org
-----------------------------------------------------------
Some people are like Slinkies -- not really good for
anything, but they still bring a smile to your face
when you push them down a flight of stairs.
===========================================================
_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www1.ietf.org/mailman/listinfo/asrg