Comments on: Email Phishing Problem Solved

by: Editor

Mon, 24 Oct 2005 17:10:02 +0000

Hopefully, you noticed that the article is targeted at SENDERS, as opposed to RECEIVERS.

Plain text looking HTML that has no clickable links is not clickable; thus, non-phishable by click.

Your product is one of hundreds, if not thousands that exposes and/or disables INCOMING message links. Check with any of our advertisers.

by: Julian Field

Fri, 21 Oct 2005 06:22:46 +0000

But you can easily craft an HTML email message that looks exactly like a plain text message to most of the popular email apps. So only using plain text doesn’t help at all.

What you need is a decent phishing detector that optionally (1) highlights the link with a clear warning message, (2) adds a tag to the subject line and (3) disables the link altogether so there is nothing to click on.

MailScanner does all this very nicely.

by: TimW

Thu, 20 Oct 2005 16:24:54 +0000

Our network security guy has the ultimate solution. He removes all that junk from incoming email before we ever see it. I’m not sure what he uses but, by the time he gets done, there’s not much left. He won’t let us open attachments either.