Phishing: education no longer effective

Date: September 22, 2006
Source: ZDNet Australia
By: Munir Kotadia

Educating users to recognise potential phishing scams may no longer be an effective tool because recent attacks are so sophisticated that fraudulent sites were virtually indistinguishable from the original, according to MessageLabs.

Traditional phishing attacks replicate the Web site of a known brand and try to lure victims to that using spam. In the early days, phishing e-mails and Web sites were relatively simple to spot because they often contained spelling mistakes and were badly designed.

Recently discovered phishing sites were no longer distinguishable from the original, which made it impossible to educate users on how to tell the difference, according to Mark Sunner, CTO of MessageLabs.

"Phishing is just so sophisticated that you can't deal with it with education. How can you tell someone to watch out for something that is perfect?
Original article

---

Add comment  Email to a Friend