Re: Phishing

"Don Y" <blockedofcourse@foo.invalid> wrote in message news:vbfivs$tlhp$3@dont-email.me...

On 9/5/2024 4:56 PM, Edward Rawde wrote:

"Don Y" <blockedofcourse@foo.invalid> wrote in message news:vbcvp4$eoqp$1@dont-email.me...

I'm checking my "deflected" incoming mail to see if anything that
*should* have been allowed through was mistakenly diverted
(false positive).
>
I see a fair number of phishing attempts on my "public" accounts.
But, all are trivially identified as such.
>
So, how is it that folks (organizations) are so often deceived
by these things?  Are users just lazy?  Would it be more helpful
to have mail clients make it HARDER to activate an embedded
URL or "potentially compromised" attachment?
>
Or, will the stupidity of users adapt, accordingly?

>
More likely the ingenuity of scammers will adapt accordingly.

>
They have to coax/entice/trick you into DOING something.
By making it harder for you to "do things" acts as a
deterrent to these sorts of exploits.

Making it harder to do things will likely mean that nothing gets done.

>
E.g., if you had to cut/paste a URL into a browser (instead
of clicking on a link embedded in an email), you would be
less inclined to casually do so.  AND, would be forced to
see the ACTUAL URL instead of letting it hide behind
"click here".

While most people who read this group can do that, most people cannot.
Also have you tried doing that with a phone?

>

I got a "Your amazon account has been charged" call today.
Caller ID gave a local number, just different last four digits.

>
Our phone is pretty well locked down.  Calls go to one of
two voice mails -- without ringing the phone; neither is
checked often (and one is NEVER checked).

I usually answer local calls and calls from known numbers.
Others may be answered if they start leaving a message, depending on the message.

>
OTOH, if you are a WELCOMED caller, the phone actually *rings*.
>
Two of our phones only accept calls from the OTHER of our
phones (the numbers have never been "given out" to anyone
so an incoming call that is not from one of our phones is
obviously not something we want to receive).  If you
deliberately fail to set up your voicemail, then these
calls just fall off into never-never-land.
>

I don't bother filtering email except at the server level where some countries can't connect inbound at all.

Actually that's not quite true because at the server level I also have
https://rspamd.com/ which works well.

I can't remember when I last got a message containing a dodgy URL or dodgy attachment.
Unexpected attachments are always discarded.
Sometimes I'll have a look at where a dodgy URL goes but most often it goes nowhere due to my outbound filtering.

>
The phishing protection doesn't rely on filtering messages.
Rather, just not making URLs easy to access (or attachments
easy to open).
>
Folks who have any of my "non-public" email addresses are
treated like you would expect a trusted correspondent to be
treated.  But, traffic on the "public" (published) accounts
is highly censored.
>