Chris's Wiki :: blog/spam/PhishAsMalware Commentshttps://utcc.utoronto.ca/~cks/space/blog/spam/PhishAsMalware?atomcommentsDWiki2013-08-27T03:15:21ZRecent comments in Chris's Wiki :: blog/spam/PhishAsMalware.By Chris Siebenmann on /blog/spam/PhishAsMalwaretag:CSpace:blog/spam/PhishAsMalware:d9ce63ed2840010d0c2d571462296ea30addd349Chris Siebenmann<div class="wikitext"><p>It's clearly a conscious decision. This commercial software has both
anti-spam and anti-virus functions; spam is scored, while 'viruses' are
normally stripped and/or quarantined (we just strip). Some phish spam
simply gets scored as spam but some gets classified as a virus that the
software labels as 'Mal/Phish-A' and is then subject to the anti-virus
actions (which in our setup are much more aggressive and cannot be opted
out of; I think this is also true of the software's default setup).</p>
<p>Given this I have to assume that the software designers actively wanted
at least some phish spam to be aggressively filtered out, much more so
than ordinary spam. My entry is thinking out loud about whether this
makes sense and is justifiable.</p>
</div>2013-08-27T03:15:21ZFrom 99.236.92.95 on /blog/spam/PhishAsMalwaretag:CSpace:blog/spam/PhishAsMalware:841d462c5c5355927be6efd89db1ce83b8832bb7From 99.236.92.95<div class="wikitext"><p>I'm not sure what the company backing it seems to have against having a category called Suspected Phishing, or even just a more alarmist PHISHING!!! Unless it's for marketing purposes.</p>
<p>- MP</p>
</div>2013-08-27T00:40:08Z