Eats, loots and leaves

[ewx]

...so it's a phish; it's in the wrong language for the target bank's customers; and it's got ... a Panda?

Comments

[ewx.livejournal.com]

Oh, thankyou, excellent. Still leaves the question as to why they relayed something they knew was an attempt at fraud rather than just dropping it, but that's a more widespread form of idiocy...

[megamole.livejournal.com]

Degrees in Russian, and a Russian parent, are good for something I suppose ;-)

[gerald_duck]

The general thinking (he says, having once had to do spam filtering for a company) is that one doesn't know for certain it's a phishing attack, so one lets it through with a warning attached so the recieving user can make the final decision.

What I personally feel is broken is checking outbound e-mail:

• If you add a message saying something's benign when it isn't you might get sued.
  
• If you add a message saying you know something is malicious but send it anyway you might get sued.
  
• The recipient shouldn't trust such notices from anywhere but their local system anyway (indeed, malicious messages often include fake no-virus-found footers).
  
• As you've just discovered, the message may not be in the right language for the recipient.

*sigh*

[ewx.livejournal.com]

Checking outbound mail makes sense for consumer ISPs if they drop the bad mail (i.e. if they are confident enough in the checking, or uncaring enough of their users), as a way of reducing the amount of spam sent out, thus keeping themselves out of blacklists, reducing their bandwidth bills, etc. (For inbound mail obviously it's a matter of local policy what you do with the suspected-bad mail.)