Comment Re:This entire approach is wrong (Score 1) 238
The submitter is looking for a code-based solution to a sociological/psychological problem, and it's just not going to be effective.
The real solution is to educate and train your users so they don't fall prey to these sorts of attacks. I know a lot of IT people aren't comfortable dealing with people, and I know it takes quite a bit of time and doesn't look as snazzy on your résumé - but, really, it's the best long-term approach.
Some people are just too stupid to train in this manner. This is especially true if you are a system admin for an office that employs dolly bird PAs just to make tea and look pretty on the front desk when a client comes to visit.
Blokes can be just as stupid too though. I had to clear up a PC after one of our support team clicked on one of these BS phishing emails, as he installed some software that "cleaned" his Windows XP PC. He just has an inability to pay attention to what he is doing. He will most likely spend his entire life manning a helpdesk phone line helping people allow popups (we have to use them as many elearning courses are designed to only work in a popup and we host other people's courseware).
Often these people are employed in dead-end jobs earning no money, so training them to take their head out of their arse is like trying to get blood out of a stone. Hiring someone with a brain would cost more, and they might not need it for the job they have to do anyway.
Not that any form of network security for this is a magic bullet either. Unfortunately there is no one solution. All you can do is try and block as much as possible at the email gateway via a decent spam filter and make sure people only have the minimum admin rights on the PCs that they need to do their job. The final layer of protection, though, is making sure you have a damn good disaster recovery policy that allows you to recover a machine from nightly backups easily and can also roll back to previous days until you get a clean image.