Home page logo

basics logo Security Basics mailing list archives

Re: Anti-Phishing Strategies
From: Pedro Fortuny Ayuso <info () pfortuny net>
Date: Fri, 11 Apr 2008 21:22:03 +0200

El 09/04/2008, a las 21:50, Timmothy Lester escribió:
We are doing all the "normal education stuff"

It is my personal opinion that NORMAL education is not enough.. Most of
the time this is just information that goes in one ear and out the
other.  Since it's a "customer" you are dealing with, I don't know how
you should be responsible, but in any case you need to TRAIN people
rather than educate them.  You almost have to scare people, by holding
them responsible for their ignorant actions.

I tend to agree. I guess (apart from restrictive filtering, only allowing
outbound access to certain web pages) the only way to prevent being
cheated is either by experience or by over-reaching security.

Is web **browsing** **really** necessary? Can your company live with just
accessing some banks and a couple of other well-known sites?


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Al Cooper
Sent: Wednesday, April 09, 2008 1:11 PM
To: security-basics () securityfocus com
Subject: Anti-Phishing Strategies

One of my customers has recently been a target of a targeted and
successful phishing attack.  I am looking at strategies to counteract
and future attacks.  We are doing all the normal education stuff, but
customer base is large.

I am looking at companies like MarkMonitor & Cyveillance.  Does anyone
any experience with these type of companies?

Any other strategies that I should consider?

Thanks for your help,

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

Pedro Fortuny Ayuso.
Desarrollo y mantenimiento de Redes. Seguridad.
Analisis de Datos.
C/Capuchinos 14, 1-s. 47006 Valladolid, SPAIN

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]