On 12/26/2016 6:03 PM, Christian Huitema wrote:
But your mail and many comments on this lists point to the huge responsibility of the MUA with respect to phishing. Phishing is about duping the user by displaying misleading information. The effective defenses have to rely on proper user interface design,
Unfortunately, this is mostly /not/ true.
The actual experience, both in field work and usability research, is
that UI design does not affect user processing of phishing very much.
Neither design nor user training have much effect.
Hence most effective phishing protection is in the filtering engine(s)
below the UI.
d/
--
Dave Crocker
Brandenburg InternetWorking
bbiw.net