Security Basics mailing list archives

Re: Anti-Phishing Strategies


From: "Kurt Buff" <kurt.buff () gmail com>
Date: Fri, 11 Apr 2008 15:04:23 -0700

Depends on your infrastructure.

Most phishing attacks come through email, so I'd crank up the security
of your email - in particular, I'd do all I could to enforce that you
validate senders (so that mail with spoofed senders gets rejected) and
quarantine email with the most dangerous attachments (all
Microsoft-style documents such as .xls, .doc, .ppt etc., and probably
PDFs and zip files as well) so that they must be deliberately rescued
by the recipient.

User education is wasted if it's only of the kind that says to users
"don't open attachments from people you don't know", etc. Much better
(if your org or user base can tolerate it) might be to send email that
actually tempts users to do silly things, and then chides them for it.
There's no lesson quite like having the firecracker go off in your
hand, and if you give them one that makes a loud noise without
actually blowing off their fingers, they'll be careful when they
handle the really dangerous stuff.

Kurt

On Wed, Apr 9, 2008 at 10:11 AM, Al Cooper <cooper () hmcnetworks com> wrote:
One of my customers has recently been a target of a targeted and somewhat
 successful phishing attack.  I am looking at strategies to counteract this
 and future attacks.  We are doing all the normal education stuff, but the
 customer base is large.

 I am looking at companies like MarkMonitor & Cyveillance.  Does anyone have
 any experience with these types of companies?

 Any other strategies that I should consider?

 Thanks for your help,





 --
 This message has been scanned for viruses and
 dangerous content by MailScanner, and is
 believed to be clean.
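
The attachment half of the advice in the reply above (quarantine mail carrying .xls, .doc, .ppt, PDF or zip attachments until the recipient rescues it), sketched as an added example that is not code from the thread. The function names, the `build_sample` helper and the example.com addresses are assumptions made for illustration; the extension list is the one given in the reply.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Extensions named in the reply; extend the set for your own environment.
QUARANTINE_EXTS = {".xls", ".doc", ".ppt", ".pdf", ".zip"}

def risky_attachments(raw: bytes) -> list[str]:
    """Return the attachment filenames that match the quarantine list."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():  # also descends into attached message/rfc822 mails
        name = part.get_filename()  # handles RFC 2231 encoded filenames
        if not name:
            continue
        # Windows ignores trailing dots and spaces, so "a.doc." opens as a .doc
        cleaned = name.strip().rstrip(". ").lower()
        # Check every suffix so names like "report.pdf.txt" are still caught
        if any(s in QUARANTINE_EXTS for s in PurePosixPath(cleaned).suffixes):
            hits.append(name)
    return hits

def disposition(raw: bytes) -> str:
    """'quarantine' if any attachment matches, otherwise 'deliver'."""
    return "quarantine" if risky_attachments(raw) else "deliver"

def build_sample(filenames: list[str]) -> bytes:
    """Constructed test message with dummy attachments (not real documents)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "constructed sample"
    msg.set_content("See attached.")
    for fn in filenames:
        msg.add_attachment(b"dummy", maintype="application",
                           subtype="octet-stream", filename=fn)
    return msg.as_bytes()

if __name__ == "__main__":
    for names in (["notes.txt"], ["Q1-Budget.XLS", "notes.txt"], ["invoice.doc."]):
        print(names, "->", disposition(build_sample(names)))
```

Matching on the filename alone is only a first gate: a renamed file passes it, so a production filter would also inspect the content type or file signature.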



