I use SpamBayes to keep my inboxes virtually spam-free. I’ve also written and tweaked Bayesian filters to solve other problems, but I realized a while back that personal Bayesian spam filters actually help phishers be more effective in their attacks. Stay with me…
Bayesian spam filters need to be trained. You teach the filter what you want to see and what you don’t, and it learns very quickly. I use eBay and PayPal all the time, so I’ve trained SpamBayes to let official-looking eBay and PayPal emails get through to me. Someone else might classify these emails as spam, but I definitely want to get them.
A phisher’s dream is to be able to send emails to the most likely targets. Citibank spoofs would only be sent to Citibank users, eBay spoofs to eBay users, etc. Phishers would get much higher "conversion rates" if they could do this. Luckily for us, they can’t.
But here’s the kicker – a well-trained Bayesian filter makes sure that the only phishing emails you see are the ones for which you are a good target. SpamBayes makes sure I see eBay and PayPal spoofs in my inbox, but it also makes sure I don’t see attacks targeting Bank of America, AOL, SunTrust, etc. So, in a way, I’ve trained my filter to help phishers target me directly.
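To make the effect concrete, here is a small Graham-style Bayesian filter trained two ways, once by an eBay/PayPal user (those notifications are ham) and once by someone who never uses them (those notifications are spam). This is an added example, not SpamBayes’ own code: SpamBayes uses a chi-squared combiner and different smoothing, and the training messages below are constructed for illustration. The same phishing email, differing only in the brand it spoofs, lands on opposite sides of the cutoff depending on who trained the filter.

```python
import math
import re
from collections import Counter

# Minimal Graham-style Bayesian filter: per-token spam probabilities,
# combined naively in log-odds space. Illustrative only; SpamBayes itself
# uses a chi-squared combiner and different smoothing, but the training
# effect described in the post shows up in any filter of this kind.
TOKEN_RE = re.compile(r"[a-z0-9]+")


def tokenize(text):
    """Lower-case word tokens as a set: each token counts once per message."""
    return set(TOKEN_RE.findall(text.lower()))


class BayesFilter:
    def __init__(self):
        self.ham_counts = Counter()    # number of ham messages containing token
        self.spam_counts = Counter()   # number of spam messages containing token
        self.n_ham = 0
        self.n_spam = 0

    def train(self, text, is_spam):
        counts = self.spam_counts if is_spam else self.ham_counts
        counts.update(tokenize(text))
        if is_spam:
            self.n_spam += 1
        else:
            self.n_ham += 1

    def token_prob(self, tok):
        """P(spam | token), shrunk toward 0.5 for tokens seen only a few times."""
        sc, hc = self.spam_counts[tok], self.ham_counts[tok]
        if sc + hc == 0:
            return 0.5                      # never seen: no evidence either way
        s = sc / max(self.n_spam, 1)        # fraction of spam containing the token
        h = hc / max(self.n_ham, 1)         # fraction of ham containing the token
        p = s / (s + h)
        n = sc + hc
        return (0.5 + n * p) / (1 + n)      # prior of 0.5 with weight 1

    def spam_score(self, text):
        """Combine token odds; 0.0 means certainly ham, 1.0 certainly spam."""
        logit = 0.0
        for tok in tokenize(text):
            p = min(max(self.token_prob(tok), 0.01), 0.99)
            logit += math.log(p / (1 - p))
        return 1 / (1 + math.exp(-logit))


# Constructed training messages (not real mail).
EBAY_HAM = [
    "eBay: please verify your email address now to keep your account active",
    "PayPal: log in to your account now to review your recent payment",
    "eBay: your account was updated, sign in to verify your details",
    "PayPal: a security update for your account is available, log in now",
    "eBay: you won auction item 12345, pay now via PayPal",
    "eBay: your monthly seller account statement is ready",
]
PERSONAL_HAM = [
    "Lunch tomorrow? Let me know",
    "Meeting notes attached, see you Friday",
]
OTHER_PHISH = [
    "Bank of America: your online banking access was suspended, verify your account now",
    "SunTrust alert: unusual activity detected, confirm your account details here",
    "AOL: your mailbox is over quota, click here to verify your password",
    "Citibank security update: log in now to verify your identity",
]
JUNK = [
    "Cheap meds, buy now, click here",
    "You have won a lottery, claim your prize now",
]


def train_filter(ham, spam):
    flt = BayesFilter()
    for msg in ham:
        flt.train(msg, is_spam=False)
    for msg in spam:
        flt.train(msg, is_spam=True)
    return flt


# Two users, two trainings: the only difference is where eBay/PayPal mail goes.
EBAY_USER = train_filter(EBAY_HAM + PERSONAL_HAM, OTHER_PHISH + JUNK)
NON_EBAY_USER = train_filter(PERSONAL_HAM, EBAY_HAM + OTHER_PHISH + JUNK)

# The same constructed phish, differing only in the spoofed brand.
EBAY_PHISH = "eBay: your account was suspended, verify your account now at this link"
BOA_PHISH = "Bank of America: your account was suspended, verify your account now at this link"


def scores(flt):
    """Spam score of each phish under the given user's trained filter."""
    return {"ebay_phish": flt.spam_score(EBAY_PHISH),
            "boa_phish": flt.spam_score(BOA_PHISH)}


if __name__ == "__main__":
    for name, flt in ("eBay user", EBAY_USER), ("non-eBay user", NON_EBAY_USER):
        print(name, {k: round(v, 3) for k, v in scores(flt).items()})
```

With a 0.5 cutoff the eBay user’s filter lets the eBay phish through (score about 0.41) while blocking the Bank of America phish (about 0.99); the non-eBay user’s filter blocks both. The brand token is doing the work: "ebay" appears only in that user’s ham, so it pulls the whole message toward ham even though "suspended", "verify" and "now" lean spam.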
I agree. I use Mailwasher for spam filtering, which also includes Bayesian filters, and the eBay/PayPal emails almost always get through. Luckily I know enough to figure out which are phishing, but I have web design clients who are always sending me copies of emails they get to see if they are real or not.
Hi,
Spam mails now include some unrelated message in the text/plain part of the multipart message, maybe so that the probability of the mail being recognised as spam gets reduced. Details at: http://narasimhagm.blogspot.com/2005/05/anatomy-of-phish.html
Pingback: Adam Stiles » Death of IE7 Phishing Filter Predicted