Imageshack protects, educates users

A couple weeks ago, intrepid security reporter Brian Krebs blogged about Imageshack, a site that hosts images for free, taking a proactive approach to protect users from spammers. It seems that spam messages would reference images hosted at Imageshack, presumably making the messages smaller and reducing the badness detected by anti-spam tools (because the images were hosted by a legit site).

Tipped off to the problem, the folks at Imageshack didn't just take the offending images down. Instead, they replaced the images with a warning not to click on anything in the spam message. This had the effect of creating a "teachable moment" for users who might otherwise have fallen for the scam. This approach is similar to the one used by the Anti-Phishing Working Group and participating hosting providers, which replace phishing pages with this educational page.

Any time we, as an industry, take the opportunity to simultaneously protect and educate users, we make progress in the fight against badware. Imageshack should be commended for its work here. StopBadware, meanwhile, has been talking with some folks about doing something similar for malware sites that are taken down.

Upcoming StopBadware webinar for nonprofits

Posted on October 3, 2008 - 13:46 by egeorge

Later this month, StopBadware will be giving a webinar on website & computer security for nonprofits, hosted by NTEN - the Nonprofit Technology Education Network. If you're involved in technology for a nonprofit, and want to learn more about security, find out more about the webinar and register here.