Phishers of men

Don't Bite

Phishing is a computing term that refers to fraudulently attempting to gain sensitive information by social engineering. Often it appears as an email from your Bank, or Ebay, Paypal or similar, requiring you to confirm your password or account settings.

I’ve not really ever been affected by phishing, though. I have a Yahoo! mail account that I barely use, and it seems to be the only one that gets that sort of spam. But seeing as I know I don’t have an ANZ, Westpac or BT account, I happily ignore them.

My Dad got some today, though, so I wonder if I should take more notice. Not everyone can resist social engineering, you know. The credit union I belong to has a warning that comes up when you visit their web page at the moment, too, warning people of an email claiming to be from them.

Fortunately (for Dad), I have a really good email setup which catches this sort of stuff. I am running an OpenSuse 10.1 linux server, which downloads all my (and Dad’s) mail from our addresses out on the internet, then drops it into Postfix, our mail server program. Postfix then relays the mail via Amavisd-new, which runs the message through clamav (antivirus program) and spamassassin (a spam detection program).

ClamAV manages to detect these Phishing attempts, preventing them from even reaching their target, merely alerting the administrator (me). A very nice setup that is transparent to the end user and was almost default in the Suse install.

Leave a Reply