Re: HOW TO PREVENT FHISHING ATTACKS



Hi Marco,

Use Sender Policy Framework - see
http://en.wikipedia.org/wiki/Sender_Policy_Framework and
http://www.openspf.org/

SPF is a DNS txt record which indicates whether a MTA (such as
hotmail, gmail, good ISPs) should accept email purportedly from
@bank.com when the source IP is i.e. a botnet.

-Patrick
http://www.osisecurity.com.au/

On Fri, Jan 28, 2011 at 10:44 AM, <mzcohen2682@xxxxxxx> wrote:
Hi Guys,

I am preparing a set of recommendation for a client of mine which is a bank
, a set of controls against fhisging attacks, besides of telling the bank to
teach there customers how to protect against those attacks ( not opening
suspicious mails etc etc) what other recommendations are good? are there
some technological tools to prevent those attacks that the bank can
implement? I heard something about imperva radar service which should
protect against fishing attack, some one has experience with that tool? what
about other tools that the bank can implement?

many thanks!

Marco

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL
certificate.  We look at how SSL works, how it benefits your company and how
your customers can tell if a site is secure. You will find out how to test,
purchase, install and use a thawte Digital Certificate on your Apache web
server. Throughout, best practices for set-up are highlighted to help you
ensure efficient ongoing management of your encryption keys and digital
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------



Relevant Pages

  • RE: HOW TO PREVENT FHISHING ATTACKS
    ... HOW TO PREVENT FHISHING ATTACKS ... I am preparing a set of recommendation for a client of mine which is a bank ... teach there customers how to protect against those attacks (not opening ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)
  • Re: RES: Web site defacing
    ... XSS attacks client-side, not the application itself... ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)
  • RES: Web site defacing
    ... XSS attacks client-side, not the application itself... ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)
  • RE: HOW TO PREVENT FHISHING ATTACKS
    ... The IT director typed it up in a document and printed it out, sealed it in an envelope, and deposited it in a bank safe. ... HOW TO PREVENT FHISHING ATTACKS ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)
  • Re: HOW TO PREVENT FHISHING ATTACKS
    ... I am preparing a set of recommendation for a client of mine which is a bank ... , a set of controls against fhisging attacks, besides of telling the bank to ... Securing Apache Web Server with thawte Digital Certificate ...
    (Security-Basics)