[Owasp-leaders] Email Security Research posted today

Joshua Perrymon josh at packetfocus.com
Thu Oct 22 16:31:29 EDT 2009



It seems to me that email gateway /web browser/ email client needs to work
together to stop directed/ small-scale attacks. Current protection schemes
seem to fail when identifying directed attacks because they are such a small
scale, and the sites are usually new.   


But if you look at corporate email marketing, it's nothing more than a
directed phishing attack.  

#1The from is spoofed, or from another domain.

#2 the links in the body usually are hosted by the tracking/marketing

#3 they are tracking all user "clicks" and movement

#4 potential for spyware/advertising malware etc




Joshua Perrymon, CEH, OPST, OPSA

CEO PacketFocus LLC

 <mailto:Josh at packetfocus.com> Josh at packetfocus.com



Fax: (877) 218-4030

 <http://www.packetfocus.com/> www.packetfocus.com


President Alabama OWASP Chapter  <http://www.owasp.org/> www.owasp.org

Selected for "Top 5 Coolest hacks of 2007" Dark Reading/ Forbes.com


Follow PacketFocus  on Twitter:   <http://twitter.com/DarkReading>





-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-leaders/attachments/20091022/c69025f2/attachment-0001.html 

More information about the OWASP-Leaders mailing list