Could Fake Phishing Emails Help Fight Spam?
Glyn Moody writes "Apparently, the US Department of Justice has been sending out hoax emails to test the security awareness of its staff. How about applying a similar strategy to tackling spam among ordinary users? If fake spam messages offering all the usual benefits, and employing all the usual tricks, were sent out by national security agencies around the world, it would select precisely the people who tend to respond to spam. The agencies could then contact them from a suitably important-looking government address, warning about what could have happened. Some might become more cautious as a result, others will not. But again, it is precisely the latter who are more likely to respond to further fake spam messages in the future, allowing the process to be repeated as often as necessary. The system would be cheap to run — spam is very efficient — and could use the latest spam as templates."
my school district did the same thing, and it works great.
It's the best form of targeted training. Only those who fall for shit like this get a lesson, and follow-up fake scams had a MUCH lower success rate.
THL phish sticks
And more precisely, it's called honeypots.
Actually, honey pots are more about collecting spammer addresses, not identifying their targets.
The grass is only greener, if you don't take care of your own lawn.
It might, however, stop email faking and sending from the zombie box itself, which would give a better point of control (because at the moment anyone can send emails that purport to be from Yahoo.com from their own box, if it is set up right, but a protocol that could fail connections claiming to be Yahoo.com emails that don't come from an approved Yahoo.com server would reduce the problem).
Note there is already a system for doing this. It's called the Sender Policy Framework (SPF) and uses DNS records to tell mail servers which machines are allowed to send mail for your domain.
This is not a perfect system though, because often there is a legitimate need to use a different e-mail domain address than the one your mail actually came from (e.g. forwarding, etc.). For that reason it doesn't appear that many mail servers are configured to check SPF records.
At the very least it seems like they would be good for pre-tagging spam (i.e. still deliver it but add something to the header that says it could be spam).
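To make the SPF mechanism from the comments above concrete, here is an added example (not code from the original thread or from any SPF implementation): a minimal evaluator for the `ip4`, `ip6`, `include` and `all` terms of an `spf1` record, run against a constructed in-memory DNS table rather than live DNS. The domains (`example.com`, `_spf.mailhost.example`, `forwarder.example`) and addresses are made up from the documentation ranges; the record for `example.com` ends in `-all` (hard fail) while the forwarder uses `~all` (soft fail), so the last check shows exactly the forwarding problem described: a legitimate message relayed by a box that is not in the sender domain's record gets `fail`, which is why a receiver that only wants to pre-tag should act on the result in a header rather than rejecting outright.

```python
"""Minimal SPF evaluator (subset of RFC 7208) over a constructed DNS table.

Added example, not from the original discussion. Supports ip4, ip6, include
and all; any other mechanism yields permerror. Domains and IPs below are
constructed (RFC 5737 / RFC 3849 documentation ranges), not real records.
"""
import ipaddress

# Constructed TXT records keyed by domain (assumption: not real DNS data).
DNS_TXT = {
    "example.com": "v=spf1 ip4:192.0.2.0/24 include:_spf.mailhost.example -all",
    "_spf.mailhost.example": "v=spf1 ip4:198.51.100.10 ip6:2001:db8::/32 ~all",
    "forwarder.example": "v=spf1 ip4:203.0.113.5 ~all",
}

MAX_LOOKUPS = 10  # RFC 7208 limits DNS-querying mechanisms (include etc.) to 10
QUALIFIER_RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def lookup_spf(domain):
    """Return the spf1 TXT record for domain, or None if there is none."""
    rec = DNS_TXT.get(domain)
    if rec is None or not rec.startswith("v=spf1"):
        return None
    return rec


def check_host(ip, domain, _lookups=None):
    """Evaluate SPF for a connecting IP and the envelope-from domain.

    Returns one of: pass, fail, softfail, neutral, none, permerror.
    """
    if _lookups is None:
        _lookups = [0]  # shared counter across recursive include: evaluation
    record = lookup_spf(domain)
    if record is None:
        return "none"
    addr = ipaddress.ip_address(ip)

    for term in record.split()[1:]:  # skip the "v=spf1" version tag
        qualifier = "+"  # mechanisms default to "+" (pass) when unqualified
        if term[0] in QUALIFIER_RESULT:
            qualifier, term = term[0], term[1:]
        result = QUALIFIER_RESULT[qualifier]
        name, _, arg = term.partition(":")

        if name == "all":
            return result  # "all" always matches; it is the record's default
        if name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"  # malformed address or prefix in the record
            if addr.version == net.version and addr in net:
                return result
        elif name == "include":
            _lookups[0] += 1
            if _lookups[0] > MAX_LOOKUPS:
                return "permerror"
            inner = check_host(ip, arg, _lookups)
            if inner == "pass":
                return result  # include: matches only when the inner check passes
            if inner in ("none", "permerror"):
                return "permerror"  # broken include is a permanent error
            # fail/softfail/neutral from the included record: no match, keep going
        else:
            return "permerror"  # a, mx, exists, ptr, redirect= not in this subset
    return "neutral"  # record ended without an "all" term and nothing matched


def received_spf_header(client_ip, mail_from):
    """Build a Received-SPF header for pre-tagging instead of rejecting."""
    domain = mail_from.rsplit("@", 1)[-1]
    result = check_host(client_ip, domain)
    return f"Received-SPF: {result} (client-ip={client_ip}; envelope-from={mail_from})"


if __name__ == "__main__":
    # Direct send from the domain's own range, via its include, and via a forwarder.
    for ip in ("192.0.2.77", "198.51.100.10", "2001:db8::1", "203.0.113.5"):
        print(received_spf_header(ip, "alice@example.com"))
```

The evaluator only looks at the connecting IP and the envelope-from domain; a spoofed `From:` header line is not what SPF checks, which is why the protocol stops the "send as Yahoo.com from my own box" case only when the receiving server actually evaluates the record at SMTP time.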
The ratio of people to cake is too big