Educause Security Discussion mailing list archives

Re: Phishing Links


From: "Flynn, Gary - flynngn" <flynngn () JMU EDU>
Date: Wed, 7 Jul 2010 20:43:48 +0000

But now all the phishers know what to include in their messages to you. :)

A signature that includes a link to a site with an SSL cert and that requires client cert authentication might do the trick assuming all the recipients have a client cert and people can be trained on what to expect when that verification site is clicked. (e.g. Certificate error vs password login screen)

Of course, the link doesn’t have to convince someone to provide passwords and bank account numbers to be effectively malicious. Some just want the recipient to click the link so whatever buggy, bloated document reader or media player that might be installed can be exploited.



On 7/7/10 4:34 PM, "Ben Woelk" <fbwis () RIT EDU> wrote:

We handled the authenticity of messages a little differently. We have a signature standard with required elements. In addition, any message that arrives with the term “password” gets a warning prepended to it.

Our signature standard is at http://security.rit.edu/signaturestd.html





