Educause Security Discussion mailing list archives

Re: attempts sending fake phishing messages to students and/or employees

From: Valdis Kletnieks <Valdis.Kletnieks () VT EDU>
Date: Mon, 7 Jun 2010 20:59:28 -0400

On Mon, 07 Jun 2010 15:41:18 PDT, "Miller, Don C." said:

Has anyone attempted, or thought about, sending fake phishing messages
to your students and/or employees?


If your message is "We will never ask you for your password", this is a
*really* bad idea because it confuses your users and shoots your credibility.

We usually just wait for a real phish to get reported, then block the address
outbound and trap any attempts to reach it.  Anybody who tries it gets
targeted for re-education.

Attachment: _bin
Description:

Current thread:

attempts sending fake phishing messages to students and/or employees Miller, Don C. (Jun 07)
- <Possible follow-ups>
- Re: attempts sending fake phishing messages to students and/or employees Valdis Kletnieks (Jun 07)
- Re: attempts sending fake phishing messages to students and/or employees Bob Bayn (Jun 07)
- Re: attempts sending fake phishing messages to students and/or employees Dave Kovarik (Jun 07)
- Re: attempts sending fake phishing messages to students and/or employees Ben Woelk (Jun 07)
- Re: attempts sending fake phishing messages to students and/or employees Lorenz, Eva (Jun 08)
- Re: attempts sending fake phishing messages to students and/or employees Ben Woelk (Jun 08)