[Owasp-leaders] Email Security Research posted today

Joshua Perrymon josh at packetfocus.com
Thu Oct 22 16:31:29 EDT 2009


http://www.darkreading.com/story/showArticle.jhtml?articleID=220900191

 

It seems to me that email gateway /web browser/ email client needs to work
together to stop directed/ small-scale attacks. Current protection schemes
seem to fail when identifying directed attacks because they are such a small
scale, and the sites are usually new.   

 

But if you look at corporate email marketing, it's nothing more than a
directed phishing attack.  

#1The from is spoofed, or from another domain.

#2 the links in the body usually are hosted by the tracking/marketing
company

#3 they are tracking all user "clicks" and movement

#4 potential for spyware/advertising malware etc

 

JP

 

Joshua Perrymon, CEH, OPST, OPSA

CEO PacketFocus LLC

 <mailto:Josh at packetfocus.com> Josh at packetfocus.com

1.877.PKT.FOCUS

1.205.994.6573

Fax: (877) 218-4030

 <http://www.packetfocus.com/> www.packetfocus.com

 

President Alabama OWASP Chapter  <http://www.owasp.org/> www.owasp.org

Selected for "Top 5 Coolest hacks of 2007" Dark Reading/ Forbes.com

www.linkedin.com/in/packetfocus

Follow PacketFocus  on Twitter:   <http://twitter.com/DarkReading>
http://twitter.com/packetfocus

 

 

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20091022/c69025f2/attachment-0001.html 


More information about the OWASP-Leaders mailing list