Tuesday, January 10, 2012
Scammers trying to phish OHIO e-mail users into revealing their passwords will have a harder time setting the hook now, thanks to a new filter that flags questionable messages and redirects risky URLs.
With the new filter, messages that might be scams but which do not match any existing scam "signature" will be delivered with a warning automatically inserted in the message body, and questionable links will be redirected to a Cisco site that warns of a possible scam. If the recipient decides that a linked site is legitimate, he or she can click a button to continue on to the original link from the message.
Don Hone, an e-mail administrator with OHIO's Office of Information Technology, notes that the new filter should help defend against "spear phishing" scams that target small groups of users with customized messages. Still, Hone is quick to point out that even the best filters are no substitute for safe computing practices.
"If you receive an unsolicited e-mail message asking you to confirm your personal information, validate your account, or provide your username and password," says Hone, "you should assume that message is a scam - even if it looks like it came from someone you trust."