Home page logo

nanog logo nanog mailing list archives

Re: Dear RIPE: Please don't encourage phishing
From: Sven Olaf Kamphuis <sven () cb3rob net>
Date: Sun, 12 Feb 2012 19:15:28 +0000 (UTC)

That's why I recommend that banks et.al. don't put *any* URLs in their
messages.  If they make this an explicit policy and pound it into the
heads of their customers that ANY message containing a URL is not from
them, and that they should always use their bookmarks to get to the
bank's site, then they're training their customers to be phish-resistant.

they do, and the next thing you know, someone in marketing sends out an email with an url -anyway-.

considering the fact that banks don't seem to like to be contacted by emails nor get replies (noreply () ) i'd strongly suggest them not to use crappy obsolete SMTP at all but rather present the users with their messages they don't want to distribute by paper mail -after- logging into their online banking system, where they can use all the html, links, flash *kuch* etc they want.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]