PaulDotCom mailing list archives

How to Proactively protect against Phishing attacks?


From: dninja at gmail.com (Robin Wood)
Date: Fri, 19 Dec 2008 22:52:59 +0000

2008/12/19 Research Lookup <infolookup at gmail.com>:
> Thanks so far for all of the great responses, I would like to ask a follow
> up question.
> Can someone recommend a tool or script I can use to crawl our website and
> identify all of the email addresses?

It isn't quite finished yet but the next version of cewl does that.
You can get it from www.digininja.org/files/cewl2.rb . Run it with
--help to get the parameters, you are probably looking for:

cewl2.rb --no-words --email www.yoursite.com

The other addition to this, this version also does meta data
collection. Quick overview, it grabs all docs and xls files then
strips out the meta data that Larry mentioned in his piece on the
subject. I'll not go into a full description of how it all works just
yet as there is still some extra work to be done so I'll put it all
together into a single set of release notes when I'm finished.

You'll need the mini_exiftool ruby gem in addition to all the ones
needed for the previous release, see http://www.digininja.org/cewl.php
for details.

Let me know any problems you find and I'll fix them while I'm adding
the last few options

Robin



> We are trying to write a script to remove them, since that might be one
> place where the spammers targeted us from in the first place.
>
> Thanks again.
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>
> Hello All:
>
> We have been targeted a lot recently by what seems to be the same group of
> spammers trying to get email credentials from our users.
>
> Each time they try to change the email format so it looks more like a
> legitimate email from our IT department. Not to mention sending from
> different email accounts each time.
>
> Any idea how we can go about trying to track down the origin of these
> emails (mail server or actual host sending the emails), and notify the ISP
> or someone?
>
> Or even proactively block these phishing attacks. How do others deal with
> this type of behavior?
>
> Our setup -- Astaro Email Gateway, and Exchange 2003.
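
The audit asked about in this thread (finding the addresses your own site publishes so they can be removed) can be run over saved page bodies as below. This is an added example, not part of cewl or of the original posts; the function names, the example.org domain and the sample pages are assumptions constructed for illustration.

```ruby
# Constructed sample pages (path => HTML body), standing in for bodies saved
# from a crawl of your own site.
SAMPLE_PAGES = {
  "/contact.html" => '<a href="mailto:Helpdesk@example.org?subject=Hi">Help</a> or jane.doe@example.org.',
  "/staff.html"   => '<p>jane.doe&#64;example.org</p> <a href="mailto:it%40example.org">IT</a>',
  "/about.html"   => '<img src="logo@2x.png"> Partner: sales@vendor.example'
}.freeze

ADDRESS = /[a-z0-9._%+-]+@[a-z0-9-]+(?:\.[a-z0-9-]+)+/i

# Undo the light obfuscation often applied to published addresses:
# numeric HTML entities (&#64; or &#x40;) and percent-encoding in mailto: links.
def normalise(html)
  html.gsub(/&#(?:x([0-9a-f]+)|(\d+));/i) { [$1 ? $1.hex : $2.to_i].pack("U") }
      .gsub(/%([0-7][0-9a-f])/i) { $1.hex.chr }
end

# Map each address at one of our own domains to the pages that expose it.
def exposed_addresses(pages, own_domains)
  report = Hash.new { |h, k| h[k] = [] }
  pages.each do |path, html|
    normalise(html).scan(ADDRESS).map(&:downcase).uniq.each do |addr|
      domain = addr.split("@", 2).last
      # Keeping only our own domains also drops look-alikes such as "logo@2x.png"
      # and third-party addresses we cannot act on.
      report[addr] << path if own_domains.include?(domain)
    end
  end
  report
end

if __FILE__ == $PROGRAM_NAME
  exposed_addresses(SAMPLE_PAGES, ["example.org"]).each do |addr, paths|
    puts "#{addr}: #{paths.join(', ')}"
  end
end
```

The per-page listing gives the removal script a work list: each address together with every page that still needs editing.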
