These are my custom rules for SpamAssassin:
1. If the email contains certain keywords (ebay, paypal, bank, etc.), AND
2. it contains URL links that are not https://,
then reject the message as a phish.
I believe that certain senders (banks, ebay, paypal etc) SHOULD USE secure emails (PGP or S/MIME). In fact, everyone should start using S/MIME or GPG/PGP and send secure emails. This is the real solution to fight phishing.
Another solution is to not send http:// links in ordinary insecure emails. If you really have to send an http:// link, just send the Tinyurl ID. For example: just put the Tinyurl ID 4z4dy in your email and the recipient should go to http://tinyurl.com/4z4dy
Before using the following SpamAssassin custom rule, NOTE that it is aggressive and you may want to adjust the scores to suit your needs or whitelist some senders for your environment.
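A rule set that implements the two conditions above, as an added example and not the author's own rule. The rule names (LOCAL_*), the keyword regex, the score of 5.0 and the allow-listed address are assumptions to adapt to your environment.

```conf
# Added example. Rule names, score and the allow-listed sender are assumptions.

# Condition 1: the body mentions one of the keywords from the post.
# A leading double underscore makes this an unscored sub-rule.
body     __LOCAL_PHISH_KEYWORD   /\b(?:ebay|paypal|bank)\b/i

# Condition 2: at least one link in the message uses plain http://.
uri      __LOCAL_URI_PLAIN_HTTP  /^http:\/\//i

# Fire only when both conditions hit.
meta     LOCAL_PHISH_HTTP_LINK   (__LOCAL_PHISH_KEYWORD && __LOCAL_URI_PLAIN_HTTP)
describe LOCAL_PHISH_HTTP_LINK   Phish-prone keyword together with a non-https link

# 5.0 equals the default required_score, so this rule alone marks the
# message as spam. Lower it to make the rule one signal among several.
score    LOCAL_PHISH_HTTP_LINK   5.0

# Exempt a known sender, but only when SPF or DKIM authenticates it
# (placeholder address).
whitelist_auth  newsletter@example.com
```

SpamAssassin only scores the message; actually rejecting it is up to the MTA or milter that calls it. Run `spamassassin --lint` after editing to catch syntax errors.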
Remember: Start sending secure emails with S/MIME, PGP or GPG. PKI is the real answer to curb phishing!
© Murty (My GPG Keys). All Rights Reserved.