|
|
|
|
|
|
by Anamon
73 days ago
|
|
|
But I think there's also an asymmetry strongly favouring the defense, namely that for a spam mail to be worthwhile, it needs some call to action, a way to lure in the victims. A link to a shady website, an infected attachment, a weird freemail address in the body or Reply-To header that doesn't match the forged From header, etc. They're trying to get cleverer for sure -- I started getting phishing mails where the malicious link is only in a QR code in an embedded image -- but I think the need to somehow link to the trap is an inherent weakness against any defense. SpamAssassin rules give a good overview of stuff that help detection no matter how the rest of the mail is generated. |
|
|