nanog mailing list archives
Re: Dear RIPE: Please don't encourage phishing
From: Rich Kulawiec <rsk () gsp org>
Date: Fri, 10 Feb 2012 14:16:12 -0500
On Fri, Feb 10, 2012 at 12:28:22PM -0500, Steven Bellovin wrote:
If they're intended as a path to log in with a typed password, that's correct. Sad, but correct.
I agree. Training your customers/clients to click on URLs in email messages is precisely equivalent to training them to be phish victims. I teach people to (carefully!) bookmark the sites that they use which require passwords, and to always use those bookmarks -- that is, *never* to use the links in any mail message or on any web page. (Of course, an attacker in control of their browser could manipulate the bookmarks, but there is little reason for an attacker who's already gotten that far to do so.) ---rsk
Current thread:
- Dear RIPE: Please don't encourage phishing Steven Bellovin (Feb 10)
- Re: Dear RIPE: Please don't encourage phishing Richard Barnes (Feb 10)
- Re: Dear RIPE: Please don't encourage phishing Steven Bellovin (Feb 10)
- Re: Dear RIPE: Please don't encourage phishing Rich Kulawiec (Feb 10)
- Re: Dear RIPE: Please don't encourage phishing Randy Bush (Feb 10)
- Re: Dear RIPE: Please don't encourage phishing Corey Quinn (Feb 10)
- Re: Dear RIPE: Please don't encourage phishing Jay Ashworth (Feb 10)
- Re: Dear RIPE: Please don't encourage phishing Randy Bush (Feb 10)
- Re: Dear RIPE: Please don't encourage phishing Leo Bicknell (Feb 10)
- PGP, S/MIME + SSL cross-reference (Was: Dear RIPE: Please don't encourage phishing) Jeroen Massar (Feb 10)
- Re: PGP, S/MIME + SSL cross-reference (Was: Dear RIPE: Please don't encourage phishing) Leo Bicknell (Feb 10)
- Re: PGP, S/MIME + SSL cross-reference (Was: Dear RIPE: Please don't encourage phishing) Ryan Malayter (Feb 10)
- Re: PGP, S/MIME + SSL cross-reference (Was: Dear RIPE: Please don't encourage phishing) Leo Bicknell (Feb 10)
- Re: Dear RIPE: Please don't encourage phishing Steven Bellovin (Feb 10)
- Re: PGP, S/MIME + SSL cross-reference (Was: Dear RIPE: Please don't encourage phishing) William Herrin (Feb 10)
- Re: Dear RIPE: Please don't encourage phishing Richard Barnes (Feb 10)