Dennis Davis wrote:
There was a project from an educational institution to target
phishing emails. I don't recall the name of the project or
whether the source code was released.
You might be thinking of Kochi:
http://oss.lboro.ac.uk/kochi1.html
The Google project:
http://code.google.com/p/anti-phishing-email-reply/
is also useful as it attempts to detail the compromised accounts.
Just block/quarantine email for those accounts.
...of course the phishers are now sending out form URLs to
be completed:
http://jotform.com/form/91140758246
Theoretically you could scan HTTP POST data using Kochi by hooking it
into Squid or some other HTTP proxy. It should be no more difficult than
scanning outgoing email is.
Of course, that only helps if your users are accessing the web from
within your sphere of control at the time. Phishers are unlikely to use
SSL for this.
--
Mike Cardwell
(https://secure.grepular.com/) (http://perlcv.com/)
