


When you click on a link, you get this link confirmation dialog. It shows the entire link written in bold. Sometimes there are so many query parameters that the link is 6 lines of bold chaos. I notice this dialog eventually causes "Ad Blindness", and I click Confirm without actually reading anymore.

I think there is room for a lot of improvement here.

- Only write the domain name and protocol in bold.
- Visually show a shield icon colored green, yellow or red.
- 🛡️ Green when domain name is on a list of well known and trusted domains.
- Red if protocol is without TLS (https) or domain is similar to a domain in trusted list.
- Everything calculated client-side of course.
- Allow to custom greenlist yellow domains client-side.
- Write a small informational text describing why the visual shield is colored that way.
- Option to skip Link confirmation when domain is on trusted list and equal to the domain part of the mail sender (e.g. a link to when clicked in an email from

do like this idea, for a lot of reasons, especially since it would make it easier to spot phishing attempts even when the sender has made it seem to be from an authentic trusted source.

But I do see some potential problems with this as well, and why mindfulness and checking the details yourself is always more important than adding tags or options like this.

The first one is that users that lack any security awareness aren't even going to bother trying to figure out what any of it means (i.e. those most prone to these attacks), like the type of people that still fall for the "Nigerian prince" scams every year despite how obvious those ones are. To them, it's background noise, just like adding "external sender" tags is.

The other issue is that those that do have security mindfulness, but are not diligent enough to actually go through every single detail (asking themselves if it was something they expected and the sender is legit, checking headers, verifying the URL, going to the site directly instead of clicking an embedded link, etc.) are going to get used to this system telling them what is legit and what isn't. The problem there is that scammers can use legitimate services to send out phishing attacks, which I have seen happen to my own company.
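
The shield rules and the skip option from the feature request in this thread, as an added JavaScript example that is not part of the thread or of any mail client's code. The trusted list is constructed, and two things the request leaves open are assumptions here: "similar" is taken as an edit distance of 1 or 2 from a trusted domain, and yellow as any other HTTPS link.

```javascript
// Added example: shield colour for a link, following the rules proposed in the thread.
// Assumptions (not from the thread): the trusted list is constructed, "similar"
// means edit distance 1-2 from a trusted domain, and yellow is every HTTPS
// link that is neither trusted nor a look-alike.
const TRUSTED = ["example.com", "example.org"];

// Levenshtein edit distance between two strings (two-row dynamic programming).
function editDistance(a, b) {
  let prev = Array.from({ length: b.length + 1 }, (_, j) => j);
  for (let i = 1; i <= a.length; i++) {
    const cur = [i];
    for (let j = 1; j <= b.length; j++) {
      const cost = a[i - 1] === b[j - 1] ? 0 : 1;
      cur[j] = Math.min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost);
    }
    prev = cur;
  }
  return prev[b.length];
}

// Returns the trusted domain that host equals or is a subdomain of, else undefined.
function trustedMatch(host, trusted) {
  return trusted.find((d) => host === d || host.endsWith("." + d));
}

function classifyLink(href, trusted = TRUSTED) {
  let url;
  try { url = new URL(href); } catch { return { shield: "red", reason: "unparseable link" }; }
  const host = url.hostname.toLowerCase(); // URL() also converts IDN hosts to punycode
  if (url.protocol !== "https:") return { shield: "red", reason: "no TLS", host };
  if (trustedMatch(host, trusted)) return { shield: "green", reason: "trusted domain", host };
  // Compare the trailing labels of the host with each trusted domain so that
  // look-alikes are caught even when they sit under extra subdomains.
  for (const d of trusted) {
    const tail = host.split(".").slice(-d.split(".").length).join(".");
    const dist = editDistance(tail, d);
    if (dist > 0 && dist <= 2) return { shield: "red", reason: `resembles ${d}`, host };
  }
  return { shield: "yellow", reason: "unknown domain", host };
}

// Option from the thread: skip the dialog only for a trusted link whose
// domain equals the domain part of the mail sender.
function canSkipConfirm(href, senderAddress, trusted = TRUSTED) {
  const r = classifyLink(href, trusted);
  const senderDomain = senderAddress.slice(senderAddress.lastIndexOf("@") + 1).toLowerCase();
  return r.shield === "green" && r.host === senderDomain;
}
```

A host such as `example.com.evil.net` comes out yellow, not green, because the trusted check matches on the end of the host name and never on a prefix.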
