Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Phishing warning! (Teach your users to check server hostname and SSL certificate status in browser address bar.)
  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
Hi all,

In recent days we've seen few attempts to confuse Kerio Connect end-users to send email address and password for their account to an unknown sites with fake Kerio Connect login dialog. Stolen login information is then used for distributing spams.

Please remind your users to always check the server SSL certificate status and server hostname in browsers address bar. Using webmail client (or any other website where you need to log in) should be done with same care as logging to your bank.

Example: This IS NOT a genuine login dialog for Kerio Connect 7. Please notice second "Email Address" input, which is not in the original dialog. It is fake.
./fa/3359/0/

[Updated on: Thu, 06 August 2015 18:48]

  •  
Pavel Dobry (Kerio)

Messages: 5245
Karma: 251
Send a private message to this user
Kerio Connect 8.3.0 brings new login dialogs. Here is a preview:

Kerio Connect client:
./fa/3449/0/

Kerio Connect administration:
./fa/3450/0/

  •  
automatica

Messages: 75
Karma: 3
Send a private message to this user
With respect to phishing and invalid URLs - is there some way to have a filter look at any URL that's presented as HTML - i.e., there's an href and also a text representation, and if the text representation that doesn't match the domain of the actual link then it be flagged as phishing - e.g.:
<a href="http://123.456.789.10/phishing.html"> http://webmail.example.com/login.html </a>


It's completely valid to have a link where the text is something different - e.g. a link that says Click Here! but to have a link where the text looks like it's a URL but it's pointing to a different domain to the actual URL, then I've never seen one of these used for good.

I'd really like to be able to flag every email that has a non-matching URL as spam and delete it immediately.

--
kai howells
automatica - specialist technical support for creative professionals
Previous Topic: Archiving vs Size & Speed
Next Topic: IPv6 support
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Wed Aug 23 17:43:53 CEST 2017

Total time taken to generate the page: 0.00442 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.