Comments on: Iconix Phishing Protection http://www.infosecblog.org/2008/06/iconix-phishing-protection/ Mon, 06 Feb 2012 07:04:18 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Roger http://www.infosecblog.org/2008/06/iconix-phishing-protection/comment-page-1/#comment-271 Roger Wed, 11 Jun 2008 17:53:57 +0000 http://www.infosecblog.org/2008/06/iconix-phishing-protection/#comment-271 Thanks for the read. You're right, I meant Thunderbird not Firefox, I did see you have support for accessing webmail through Firefox. I'll update that. I understand why you're doing it the way you are. I'd love it if you had a "expert" mode for people who do know what spf and domainkeys are for. I understand that just because its from a authenticated sender (google) that doesn't mean its not phishing. Some with your example, the spammers did widely adopt spf first. That doesn't mean spf is broken. I like the product. I'm using it and will recommend it to others. Thanks for the read.
You’re right, I meant Thunderbird not Firefox, I did see you have support for accessing webmail through Firefox. I’ll update that.
I understand why you’re doing it the way you are. I’d love it if you had a “expert” mode for people who do know what spf and domainkeys are for. I understand that just because its from a authenticated sender (google) that doesn’t mean its not phishing. Some with your example, the spammers did widely adopt spf first. That doesn’t mean spf is broken.
I like the product. I’m using it and will recommend it to others.

]]> By: http://openid.aol.com/audian99 http://www.infosecblog.org/2008/06/iconix-phishing-protection/comment-page-1/#comment-270 http://openid.aol.com/audian99 Wed, 11 Jun 2008 16:52:08 +0000 http://www.infosecblog.org/2008/06/iconix-phishing-protection/#comment-270 Hi Roger, Nice blog, thanks for the write up of Iconix! Couple of notes: 1. We actually do support Firefox (versions 1.5, 2.0 and soon 3.0). Perhaps you were talking about lack of support for Thunderbird since you mentioned that at the end of your blog as well? 2. We currently mark messages for over 500 companies. The current list of companies intersects a lot of consumer’s inboxes today. Look to see this list grow by the thousands soon! 3. We chose not to display authentication results alone as that can be deceiving. Bad guys can just as easily authenticate their mail. For instance, a bad guy could register and authenticate the domain www.paypalsecure.com and send email as security@paypalsecure.com and it will pass authentication, because it is actually from that (bad) domain. As a user, you still don't know if it is actually from the brand PayPal. That is why it is important that we take it a step further and make sure messages are from domains on our list. By the way - PayPal, eBay and TrendMicro users are always asking for us to add their favorite company. Anyone can submit by going here: <a href="http://www.iconix.com/protectsites.php" rel="nofollow">http://www.iconix.com/protectsites.php</a> Regards, Audian Paxson Director, Product Management ICONIX, Inc. Hi Roger,
Nice blog, thanks for the write up of Iconix!
Couple of notes:
1. We actually do support Firefox (versions 1.5, 2.0 and soon 3.0). Perhaps you were talking about lack of support for Thunderbird since you mentioned that at the end of your blog as well?
2. We currently mark messages for over 500 companies. The current list of companies intersects a lot of consumer’s inboxes today. Look to see this list grow by the thousands soon!
3. We chose not to display authentication results alone as that can be deceiving. Bad guys can just as easily authenticate their mail. For instance, a bad guy could register and authenticate the domain http://www.paypalsecure.com and send email as security@paypalsecure.com and it will pass authentication, because it is actually from that (bad) domain. As a user, you still don’t know if it is actually from the brand PayPal. That is why it is important that we take it a step further and make sure messages are from domains on our list.
By the way – PayPal, eBay and TrendMicro users are always asking for us to add their favorite company. Anyone can submit by going here: http://www.iconix.com/protectsites.php
Regards,
Audian Paxson
Director, Product Management
ICONIX, Inc.

]]>