Educause Security Discussion mailing list archives
Re: Differentiating Between Real and Phishing Emails to Staff and Students
From: Joel Rosenblatt <joel () COLUMBIA EDU>
Date: Tue, 13 May 2008 06:46:40 -0400
When we send out a security education email, we always post a copy of the email on the Security web site - we tell people if they want to verify, go to the security web site (we do not provide a clickable link) and they will see the same information. (we have an Alerts section) Since we started doing that (about 4 years ago), we stopped getting those questions. My 2 cents. Joel Rosenblatt Joel Rosenblatt, Manager Network & Computer Security Columbia Information Security Office (CISO) Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033 http://www.columbia.edu/~joel --On Tuesday, May 13, 2008 3:04 PM +1000 Tim Lane <tlane () SCU EDU AU> wrote:
Hi All, I regularly send out emails to staff and students advising on phishing scams, general security alerts, password changes etc. As the frequency of targeted phishing scams increase, I continue to get more queries by staff and students questioning if the very emails I send to staff and students are valid or a scam. I would be interested in knowing how other institutions are providing increasing assurance to staff and students that emails from their IT or Security section are valid. Examples might include disclaimers, digital signatures or encryption etc, but if this is an area you have looked at and addressed could you please advise. Thanks, Tim Tim Lane Information Security Manager IT&TS Southern Cross University Ph (02) 6620 3530 Mobile 0418 248 571
Joel Rosenblatt, Manager Network & Computer Security Columbia Information Security Office (CISO) Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033 http://www.columbia.edu/~joel
Current thread:
- Differentiating Between Real and Phishing Emails to Staff and Students Tim Lane (May 12)
- <Possible follow-ups>
- Re: Differentiating Between Real and Phishing Emails to Staff and Students Joel Rosenblatt (May 13)
- Re: Differentiating Between Real and Phishing Emails to Staff and Students David Kovarik (May 13)
- Re: Differentiating Between Real and Phishing Emails to Staff and Students Kubb, Rick (May 13)
- Re: Differentiating Between Real and Phishing Emails to Staff and Students Bob Bayn (May 13)
- Re: Differentiating Between Real and Phishing Emails to Staff and Students Mike Waller (May 13)
- Re: Differentiating Between Real and Phishing Emails to Staff and Students Sarah Stevens (May 13)
- Re: Differentiating Between Real and Phishing Emails to Staff and Students Ozzie Paez (May 14)