Results 1 to 2 of 2

Thread: Helping to prevent future phishing attacks

  1. #1
    r3zon8 is offline Intermediate Member
    Join Date
    Jan 2011
    Posts
    23
    Rep Power
    4

    Default Helping to prevent future phishing attacks

    we recently had a compromised account that was being used to send out spam. shortly after, that account was used to send phishing emails to other local users on our domain therefore allowing the attacker to gather even more valid credentials of good accounts.

    the phishing attacked asked the users to verify account information by following a link and entering their credentials. in the body of the message the URL appeared as a known/good URL: http://mail.mydomain.com , but the actual link the users were taken to was something much different.

    is it possible to assign a spam score to messages that are found to have these misleading links in the body so that they are tagged as spam and not delivered? and/or how to best prevent these attacks?

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,473
    Rep Power
    56

    Default

    Quote Originally Posted by r3zon8 View Post
    we recently had a compromised account that was being used to send out spam. shortly after, that account was used to send phishing emails to other local users on our domain therefore allowing the attacker to gather even more valid credentials of good accounts.
    You need to implement Strong Password policy, you can do that in the Admin UI.

    Quote Originally Posted by r3zon8 View Post
    the phishing attacked asked the users to verify account information by following a link and entering their credentials. in the body of the message the URL appeared as a known/good URL: http://mail.mydomain.com , but the actual link the users were taken to was something much different.
    You're never going to stop 100% of this type of email, this is essentially a user education problem.

    Quote Originally Posted by r3zon8 View Post
    is it possible to assign a spam score to messages that are found to have these misleading links in the body so that they are tagged as spam and not delivered? and/or how to best prevent these attacks?
    How can you determine these links are misleading? Use RBLs and some of the checks that are already in the anti-spam system, check the wiki for details of what can be done.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 8
    Last Post: 10-31-2012, 07:15 PM
  2. Replies: 0
    Last Post: 08-08-2011, 11:08 AM
  3. Security phishing problem with zimbra
    By xusnbb in forum Administrators
    Replies: 16
    Last Post: 11-01-2007, 01:29 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •