
I understand now, fake warnings for phishing. As for not being taken in, I haven't yet, but I'm sure it would be possible to create one that I would assume to be genuine.
Peter Shute
Sent from my iPad
On 6 May 2014, at 3:15 pm, "Stephen J. Turnbull" stephen@xemacs.org wrote:
Peter Shute writes:
On 5 May 2014, at 4:59 pm, "Stephen J. Turnbull" stephen@xemacs.org wrote:
them. But when you (FVO "you" susceptible to phishing in the first
Sorry, what does FVO stand for?
Ah, excuse my abbreviations. FVO = "for values of"; the intended implication is that the "you" reading my post isn't the kind of "you" who gets taken in by phishing emails.
All of our mail to you have come back to us due to DMARC rejects, so we need to use this unusual address.
Please confirm your blah-blah-blah by clicking <here> and logging in to our secure site.
2% of AOL customers will respond by clicking, at last report. :-(
They get a warning? I thought it just bounced, and the intended recipient never knew.
No, the point is that a phishing mail with
From: Chase Bank Customer Service <service@chase.com.invalid>
will sail right past DMARC, as currently set up. In the message, the complaint about the "DMARC rejects" was written by the phisherman, and the strange address is explained by that preamble. Thus reassured, the victim then clicks. Don't ask me to explain why they do that, I don't really understand (I'm almost tempted to quote Niven and Pournelle, "think of it as evolution in action"), but it's an empirical fact that real people lose real money to these scams ("2% of AOLers" click, according to AOL).
Now, it's *possible* that ".invalid" will trigger the latent common sense in the 2%. But I think that pretty unlikely to be completely effective, and I suspect it won't be effective at all in the presence of a disclaimer about the "unusual" address. If ".invalid" can't get by the victim's common sense, ".REMOVE-THIS" etc probably will.
The thing is that a bit of common sense will save you from any of these scams. But that's not enough to create good policies, because it's very hard to think of all the ways to abuse a very naive victim, or a very young one, or an elderly one who's lost a step mentally -- it takes a devious mind just to think of one!
Regards,