[Dshield] "Disable preview pane" as a defense
rgolodner at infratection.com
Thu Aug 16 02:20:38 GMT 2007
Disabling the preview pane is a good idea. An even better practice
is to block unneeded file extensions at your SMTP gateway such as .exe,
.scr, .vbs, and .dll. You decide what you will allow to pass through and
this will give you an even greater degree of control over what can and can
not access your network.
Tom Shaw's notion of a well crafted socially engineered email is
right on. Even after thorough end-user education I am still amazed at what
people will click on. I often wonder what kind of evil garbage resides on
their home P.C's.
More information about the list