On Sun, Apr 22, 2012 at 10:40 PM, Jason Haar <Jason_Haar@trimble.com> wrote:
> OT but related
> I just got a bunch of phishing attacks against a bank come through.
> Following the link leads me to some owned website with the fake bank
> frontend - and it had a feature that I've seen time and time again:
> images and links from the real bank site.
> Why don't banks rub two brain cells together and start monitoring the
> referrers on their primary webpages (e.g. logos, terms and conditions) and
> return a "RUN AWAY!!! IT'S A TRAP!!!" page whenever someone views the
> phishing sites? The Referrer header would allow that instantly.
> They really don't give a damn, do they...
I presented that very idea to a big bank (you would recognize the
name) approx 8 years ago. I suggested they monitor the referrers
(with the security product we were installing) and automatically
increase situational awareness accordingly, and at some point move to
replacing images that didn't match certain referrers. I was ignored,
almost scoffed at.
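
The referrer monitoring discussed in this thread, as an added example that is not part of either poster's message: a log scan that counts off-site pages loading a bank's logo or terms page. The hostnames, asset paths and the Apache/nginx "combined" log format are assumptions, and the log lines are constructed.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Assumed for this sketch: the bank's own hostnames and the assets worth watching.
OWN_HOSTS = {"bank.example", "www.bank.example"}
WATCHED = {"/img/logo.png", "/legal/terms.html"}

# Apache/nginx "combined" format: "METHOD path PROTO" status bytes "referer" "agent"
LINE = re.compile(r'"(?:GET|HEAD) (?P<path>\S+) [^"]*" \d{3} \S+ "(?P<ref>[^"]*)" "')

def foreign_referrers(lines):
    """Count off-site hosts whose pages load watched assets from our server."""
    hits = Counter()
    for line in lines:
        m = LINE.search(line)
        # Compare the path without its query string (e.g. cache-busting ?v=3).
        if not m or urlsplit(m["path"]).path not in WATCHED:
            continue
        ref = m["ref"]
        if ref in ("", "-"):
            continue  # no Referer sent: proves nothing either way
        host = (urlsplit(ref).hostname or "").lower()
        if host and host not in OWN_HOSTS:
            hits[host] += 1
    return hits

# Constructed sample log lines (documentation IPs, .example domains).
SAMPLE = [
    '203.0.113.7 - - [22/Apr/2012:10:01:02 +0000] "GET /img/logo.png HTTP/1.1" 200 5120 "http://owned-site.example/secure/login.html" "Mozilla/5.0"',
    '203.0.113.7 - - [22/Apr/2012:10:01:03 +0000] "GET /legal/terms.html HTTP/1.1" 200 9000 "http://owned-site.example/secure/login.html" "Mozilla/5.0"',
    '198.51.100.4 - - [22/Apr/2012:10:02:00 +0000] "GET /img/logo.png HTTP/1.1" 200 5120 "https://www.bank.example/" "Mozilla/5.0"',
    '198.51.100.9 - - [22/Apr/2012:10:03:00 +0000] "GET /img/logo.png HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '192.0.2.15 - - [22/Apr/2012:10:04:00 +0000] "GET /index.html HTTP/1.1" 200 700 "http://other.example/links" "Mozilla/5.0"',
    '192.0.2.33 - - [22/Apr/2012:10:05:00 +0000] "GET /img/logo.png?v=3 HTTP/1.1" 200 5120 "http://mirror.example:8080/x" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for host, count in foreign_referrers(SAMPLE).most_common():
        print(f"{count:3d} watched-asset loads referred by {host}")
```

Hosts it reports are candidates for review, not confirmed phishing sites: webmail, search caches and news pages also embed logos. Requests that send no Referer are skipped rather than flagged.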