Phishing - a different detection angle

Ok, as hosts, we all have to deal with phishing at some point.

Up until now, all of the articles I've seen dealing with the issue always have the same angle:
"Protect your users from phishing scams via email filtering"
-or-
"Protect your user from phishing scams via some toolbar/proxy"
-or-
"Protect your corporate identity through clever features on your website"

I've seen many an email filtering program touted as some kind of awesome detection engine for phishing/virii/spam emails, but I have yet to see one for **PLAIN HTML/PHP FILES**

Sooner or later one of your users might get hacked, and someone will upload a phishing page. It'll sit around until someone complains about it, and your reputation as a host is damaged.


My Question IS:
Has anyone seen any effective codescanning mechanisms that we as hosts can use to scan incoming/uploaded files? Will something like clamav catch it?

Do I need to hack up something to act like the file is really an email, then pass it through spamassassin?

Your advice is much appreciated.

 

 

 

 

Top