[Owasp-leaders] Email Security Research posted today
josh at packetfocus.com
Thu Oct 22 16:31:29 EDT 2009
It seems to me that email gateway /web browser/ email client needs to work
together to stop directed/ small-scale attacks. Current protection schemes
seem to fail when identifying directed attacks because they are such a small
scale, and the sites are usually new.
But if you look at corporate email marketing, it's nothing more than a
directed phishing attack.
#1The from is spoofed, or from another domain.
#2 the links in the body usually are hosted by the tracking/marketing
#3 they are tracking all user "clicks" and movement
#4 potential for spyware/advertising malware etc
Joshua Perrymon, CEH, OPST, OPSA
CEO PacketFocus LLC
<mailto:Josh at packetfocus.com> Josh at packetfocus.com
Fax: (877) 218-4030
President Alabama OWASP Chapter <http://www.owasp.org/> www.owasp.org
Selected for "Top 5 Coolest hacks of 2007" Dark Reading/ Forbes.com
Follow PacketFocus on Twitter: <http://twitter.com/DarkReading>
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the OWASP-Leaders