- This topic has 6 replies, 5 voices, and was last updated 11 years, 5 months ago by .
- You must be logged in to reply to this topic.
I think I’m confused. just received this advice in an email from Mircosoft:
IMPORTANT: Because fraudulent (“phishing”) e-mail often uses misleading links, Microsoft recommends that you do not click links in e-mail, but instead copy and paste them into your browsers, as described above.
How does moving from a culture of blindly clicking on links to blindly cut&pasting said links help protect against phishing??? Oh, and the ‘as described above? is a long and confusing URL….
Please help, my head hurts….
I think you are right there Bill. That may very well be the thought process behind it. Though, wouldn’t it make more sense to not go there in the first place? Good defense is always trumped by dumb user.
What’s even scarier is that tactic fails to prevent many common phishing tactics. For instance, using a domain name that looks like the target in specific fonts (substituting 1’s for lower case L’s for instance) or misspelled domain names. Not to mention that if a link spans multiple lines and it’s sometimes tough for users to cut and paste the whole thing. Microsoft needs to do their security reading (http://people.seas.harvard.edu/~rachna/papers/why_phishing_works.pdf) first before issuing statements like this 🙁
I am sure it will all be fixed once IE8 goes gold 😀
RR – can you forward that email over to me?
check your inbox 🙂
– EH-Net Live! Join us on Wed Jan 29 @ 1:00 PM EST for “Shellcode for the Masses“ w/ John Hammond. Reg Open Now!
– EH-Net Live! December – Video & Deck Available Now! for “Burp-less Hacking – Learning Web Application Pentesting on a Budget” w/ Phillip Wylie from Dec 19.
– EH-Net Live! November – Video & Deck Available Now! for “All Things CTF!” w/ Ray Doyle of EverSecCTF from Nov 21.
– EH-Net Live! October – Video & Deck Available Now! for “Hacking Humans” w/ Hadnagy, Paul & Baron from Oct 29.
– EH-Net Live! August – Video & Deck Available Now! for “Wireshark for Hackers” w/ Laura Chappell from Aug 29.
See all EH-Net Live! Videos
More on the EH-Net YouTube Channel
Copyright ©2020 Caendra, Inc.