Anti-phishing best practices

Posted by   Virus Bulletin on   Aug 1, 2006

Anti-phishing recommendations for ISPs and mailbox providers.

A new set of best practices to combat phishing has been released by the Anti-Phishing Working Group (APWG) and Messaging Anti-Abuse Group (MAAWG), to help ISPs and mailbox providers better police their infrastructures and filter the traffic traversing their networks.

The two industry groups joined forces to develop the guidelines, which include:

  • Two-way filtering of traffic to prevent phishing emails from reaching consumers and to alert ISPs and mailbox providers when their own servers are being used for sending phishing emails.
  • The use of IP blacklists to close down temporarily servers that have been co-opted for phishing attacks; the use of URL-based filters to help ISPs filter outbound customer traffic to known phishing IP addresses, domains or URLs.
  • Filtering or rejecting email if it can unequivocally be determined to be forged; disabling images and hyperlinks in email from untrusted sources.
  • Blocking access to known phishing websites during attacks.

The recommendations also highlight the importance of educating consumers to check for website certificate authenticity before submitting personal information, to report scams to the Federal Trade Commission or equivalent anti-fraud organizations, and alerting financial institutions when they are the target of phishing campaigns.

'Anti-Phishing Best Practices for ISPs and Mailbox Providers' can be downloaded from http://antiphishing.org/reports/bestpracticesforisps.pdf.

Posted on 01 August 2006 by Virus Bulletin

 Tags

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

VB2021 localhost videos available on YouTube

VB has made all VB2021 localhost presentations available on the VB YouTube channel, so you can now watch - and share - any part of the conference freely and without registration.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.