URL switching in e-mails

[Justin Sipher <jsipher () SKIDMORE EDU>]

All,

Happy New Year.  I am curious to know how others deal with this e-
mail related issue.  As a part of our process to protect our user
community we do a variety of things from a SPAM and A/V perspective.
One thing we do is look for "bait-and-switch" URL swapping which is
all too often used for Phishing.  What I mean is when in a HTML based
e-mail is says one URL but the associated hyperlink is to a different
URL.  Our current approach is to insert text into the body of the
messages to alert our user to this discrepancy.  The text we insert
looks like this (with fictional URL's in this case).

> > MailScanner has detected a possible fraud attempt from
> > "www.bogus.com" claiming to be http://www.real-url.com

We are now getting some push back from users claiming that this
inserted text makes it "beyond difficult" to read the messages
clearly. (please don't laugh)  So, I am asking all of you if you do
similar things or even if you do different things?  I would be
curious to know what is the "standard" practice within Higher Ed if
there is one.  What is happening is that there are legitimate
organizations using this technique as a part of mass e-mails as I
believe it is doing a simple redirect to the actual URL after it
inventories the fact that the link was clicked on.  Legitimate
examples I have seen of this technique are in the University Business
daily e-newsletter, propaganda from Palm, the Chronicle of HE/Gartner
Symposium announcement, and even an e-mail from EDUCAUSE.

Anyone else looking out for this practice and if so, how are you
addressing it?

Thanks,
...Justin

_______________________________________________________
  Justin Sipher
  Chief Technology Officer
  Skidmore College
  Saratoga Springs, NY
  jsipher () skidmore edu
  518-580-5909
_______________________________________________________