Reply to post: Attachments

A little phishing knowledge may be a dangerous thing

GnuTzu
Boffin

Attachments

Um, there are business procedures for these things. And, when forwarding a suspected infected email to an infosec analyst, you do it as an attachment, right?

Maybe someday, I'll share my Vim syntax highlighting for email headers, because it's just fascinating to see how far a serious phishing campaign will go to make an email look as if it's coming from inside your own business, which can involve a pair of malicious MTA's and a malicious DNS server to spoof your company's domain name in the email headers. I've seen just this sort of thing singled out by Proofpoint mail filtering.

But, if you're afraid of opening an email in your mail program, then get a new mail program. Just don't click any damn links, and make sure your email program doesn't display remote images. And, if you're in an enterprise environment, I would hope the relevant mail settings are already correctly set by GPO. Here, we even have a report phishing button in the Outlook ribbon, and it just makes everything so much nicer.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon