North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: ISP phishing
- From: Brad Knowles
- Date: Tue Jun 28 17:36:41 2005
At 5:17 PM -0400 2005-06-28, Mark Tombaugh wrote:
Yes. Any billing, root, postmaster, etc... messages that claim
to be from his system have to be generated from their management IP
space. You may be able to phish their customers by sending them
bogus messages of this sort that claim to be from other sites or
facilities, but you won't be able to phish his customers by sending
them messages like this that claim to be from his system.
On Thu, 2005-06-23 at 09:54 -0400, Robert Boyle wrote:
we enabled a global rule which blocks
any email from accounts such as billing, root, postmaster, antivirus,
abuse, security, etc. which don't originate from our management IP space
where our people work. As a result, we have stopped these phishing scams
for our users dead in their tracks.
You sound so sure about that... Am I missing something?
I applaud his move, and wish more groups did the same.
I recently got hit by a wave of phishing attempts from my own
ISP. Unfortunately, the ISP in question refuses to interact with
their customers via any method but the web, although they do send out
their own notices by e-mail. Of course, none of those accounts will
accept bounces or e-mail replies, which is why they're rightfully on
the rfc-ignorant black list, among many others.
Fortunately for me, all the phishing attempts were pretty stupid,
and failed because they relied too much on Windows-specific attacks,
Windows-specific MUAs, etc....
Brad Knowles, <firstname.lastname@example.org>
"Those who would give up essential Liberty, to purchase a little
temporary Safety, deserve neither Liberty nor Safety."
-- Benjamin Franklin (1706-1790), reply of the Pennsylvania
Assembly to the Governor, November 11, 1755
SAGE member since 1995. See <http://www.sage.org/> for more info.