I cannot concur…

It’s not realistic to ask people to *never* click a link in email. We’ve got 30+ years of experience with that advice not working because MUA developers have never stopped making links active & aggressively looking for anything in email that might be a link, regardless of URL conformance. That’s why SpamAssassin treats so many non-URLs as if they are URLs. Users will click clickable things. Telling them not to do so is unreasonable.
1/2
#InfoSec @AAKL https://infosec.exchange/@AAKL/116398057284422776

AA (@[email protected])

Never, never, never, never, never click on a link in your email. Contact the provider directly and not through the suspect email. "Approval phishing is a technique whereby victims are tricked into providing full access to their cryptocurrency wallets. Often, they are persuaded to click on a fake alert or popup spoofed to appear as if sent from a trusted app or service." Infosecurity-Magazine: Operation Atlantic Seizes $12m in Crypto Losses https://www.infosecurity-magazine.com/news/operation-atlantic-seizes-12m/ #infosec #phishing

Instead, users need to learn to *take* *care* with their clicks. That’s a tough assignment but at least it isn’t hopeless. People can learn to do things like checking where links actually go behind the clickable text and basic sanity checking: is the person who sent that mail likely to be who they claim to be and are they sending it for plausible reasons? If you cannot instantly answer those basic questions, you need to investigate before clicking.
#InfoSec #phishing
2/2
@grumpybozo How many non-techie people are actually going to sleuth their way to the origin of the link or read the headers, if they even know where to find them, to trace the routing?
@AAKL @grumpybozo When I, a tech person, can no longer look at the HTML of an email, asking a non-tech person to look at headers does prove unreasonable.
@Epic_Null @AAKL Agreed, but the premise is flawed. If you can no longer look at raw messages, you need a better MUA.
People do NOT need to decipher headers or analyze HTML to identify MOST fraudulent messages. In many cases of phishing these days, identifying the phish is as simple as making your MUA show the full From header, because spammers have learned that they can hide behind an arbitrary "Display Name" containing what looks like an email address.
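
An added example, not from any poster in this thread, of the check the post above describes: split the From header into display name and actual address, and flag the case where the display name itself looks like an address at a domain other than the one the mail really comes from. The sample headers and the `.example` domains are constructed for illustration.

```python
import re
from email import policy
from email.parser import BytesParser

# Matches anything inside the display name that looks like an e-mail
# address and captures its domain part.
ADDR_IN_NAME = re.compile(r"[\w.+-]+@((?:[\w-]+\.)+[\w-]+)")

# Constructed sample messages (not real mail). The first one mimics the
# pattern discussed in the thread: a display name that reads like an
# address at a trusted domain, while the real addr-spec is elsewhere.
SAMPLES = {
    "lookalike_display_name":
        b'From: "security@bank.example" <mailer@xyz-bulk.example>\r\n'
        b"Subject: Account notice\r\n\r\nbody",
    "consistent":
        b'From: "alerts@bank.example" <alerts@bank.example>\r\n'
        b"Subject: Statement ready\r\n\r\nbody",
    "plain_name":
        b"From: Jane Doe <jane@bank.example>\r\n"
        b"Subject: Lunch?\r\n\r\nbody",
}


def analyse_from(raw: bytes) -> dict:
    """Return what a MUA should show for From, plus a lookalike flag."""
    msg = BytesParser(policy=policy.default).parsebytes(raw)
    header = msg["From"]
    addresses = header.addresses if header is not None else ()
    if not addresses:
        # No parseable sender at all is itself worth surfacing.
        return {"display_name": "", "address": "", "lookalike_domain": None, "suspicious": True}
    mailbox = addresses[0]
    match = ADDR_IN_NAME.search(mailbox.display_name)
    lookalike = match.group(1).lower() if match else None
    # Suspicious only when the name carries an address whose domain
    # differs from the domain the message is actually from.
    suspicious = lookalike is not None and lookalike != mailbox.domain.lower()
    return {
        "display_name": mailbox.display_name,
        "address": mailbox.addr_spec,
        "lookalike_domain": lookalike,
        "suspicious": suspicious,
    }


if __name__ == "__main__":
    for label, raw in SAMPLES.items():
        result = analyse_from(raw)
        print(f"{label:24} shown as: {result['display_name']!r} <{result['address']}>"
              f"  suspicious={result['suspicious']}")
```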

@grumpybozo @AAKL I mean, this is Microsoft's Outlook. A better MUA is NOT going to be available.

The problem is nothing a user can be expected to solve, and nothing the company will be held accountable for.