RSA, CA accused of sending 'stupid' e-mails
Computer security specialists RSA and Computer Associates have been called "stupid" for sending e-mails containing "masked" links, which are often used in phishing attacks.
Mikko Hypponen, director of antivirus research at F-Secure, said it was "stupid" for security companies to send e-mails containing links that point to a different location to the one they purport to point to, which is a technique commonly used by phishers.
In the F-Secure Web log, Hypponen criticised CA for sending an e-mail containing information about an "important update" with a link that seemed to connect to "supportconnect.ca.com" but actually went to a different address with additional information tagged to the URL. Just days earlier, Hypponen had lashed out at RSA for using the same technique when inviting delegates to a security conference in Europe.
"How a security company sends out messages like this is beyond me. What's the point in trying to educate users about phishing scams and how they work if the same tricks are being used by the good guys," said Hypponen.