mailing list archives
Re: Dear RIPE: Please don't encourage phishing
From: Sven Olaf Kamphuis <sven () cb3rob net>
Date: Sun, 12 Feb 2012 19:15:28 +0000 (UTC)
That's why I recommend that banks et.al. don't put *any* URLs in their
messages. If they make this an explicit policy and pound it into the
heads of their customers that ANY message containing a URL is not from
them, and that they should always use their bookmarks to get to the
bank's site, then they're training their customers to be phish-resistant.
they do, and the next thing you know, someone in marketing sends out an
email with an url -anyway-.
considering the fact that banks don't seem to like to be contacted by
emails nor get replies (noreply () ) i'd strongly suggest them not to use
crappy obsolete SMTP at all but rather present the users with their
messages they don't want to distribute by paper mail -after- logging into
their online banking system, where they can use all the html, links, flash
*kuch* etc they want.