[149704] in North American Network Operators' Group
Re: Dear RIPE: Please don't encourage phishing
daemon@ATHENA.MIT.EDU (Sven Olaf Kamphuis)
Sun Feb 12 14:17:21 2012
Date: Sun, 12 Feb 2012 19:15:28 +0000 (UTC)
From: Sven Olaf Kamphuis <sven@cb3rob.net>
To: Rich Kulawiec <rsk@gsp.org>
In-Reply-To: <20120212181910.GA16374@gsp.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
>
> That's why I recommend that banks et.al. don't put *any* URLs in their
> messages. If they make this an explicit policy and pound it into the
> heads of their customers that ANY message containing a URL is not from
> them, and that they should always use their bookmarks to get to the
> bank's site, then they're training their customers to be phish-resistant.
they do, and the next thing you know, someone in marketing sends out an
email with an url -anyway-.
considering the fact that banks don't seem to like to be contacted by
emails nor get replies (noreply@...) i'd strongly suggest them not to use
crappy obsolete SMTP at all but rather present the users with their
messages they don't want to distribute by paper mail -after- logging into
their online banking system, where they can use all the html, links, flash
*kuch* etc they want.
>
> ---rsk
>
