* Mike Cardwell <dove...@lists.grepular.com>: > The University I work at was suffering from this a *lot*. Phishers kept > contacting our users pretending to be from our IT helpdesk asking users > to reply with their login details so that their mailbox could be > refreshed or so their quota could be fixed and other such things.
Same here. > So I developed an application that sits on our outgoing mail routers > looking for login credentials inside emails. If it finds any, it > blackholes the email and sends an autoresponse to the sender telling > them to never ever send login details via email under any circumstances. > It Cc's me in too, and it catches people emailing their logins around on > a *daily* basis. clamav is supposed to be capable of that functionality > Our usernames follow a very strict format, and we have a pretty strict > password policy so what my program does is pull out a list of all the > *possible* usernames and passwords and then attempts to authenticate > against our AD using them. Ah! That's a nice idea. -- Ralf Hildebrandt Geschäftsbereich IT | Abteilung Netzwerk Charité - Universitätsmedizin Berlin Campus Benjamin Franklin Hindenburgdamm 30 | D-12203 Berlin Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962 ralf.hildebra...@charite.de | http://www.charite.de
