Educause Security Discussion mailing list archives
Re: Phishing Links
From: Ben Woelk <fbwis () RIT EDU>
Date: Wed, 7 Jul 2010 14:09:23 -0400
Although it may be more secure, I don't believe this would be accepted by most college departments. They would see this as a barrier to communications, not an enabler. The other issue is that the mail client may automatically convert the URL to a link. Ben Woelk '07 Policy and Awareness Analyst Information Security Office Rochester Institute of Technology Ross 10-A204 151 Lomb Memorial Drive Rochester, New York 14623 585.475.4122 585.475.7920 fax ben.woelk () rit edu<mailto:ben.woelk () rit edu> http://security.rit.edu/dsd.html Become a fan of RIT Information Security at http://rit.facebook.com/profile.php?id=6017464645 Follow us on Twitter: http://twitter.com/RIT_InfoSec From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of James Farr '05 Sent: Wednesday, July 07, 2010 2:06 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Phishing Links It is hard to educate some users on the difference between legitimate and phony web links in email, and it is easy enough to fake a website. For that reason I would like to propose that no official college communication is sent with an active link in it. Problems, Some clients while trying to be helpful make links clickable that I do not want clickable. Links can be inserted as a picture, but not all clients show pictures by default. We can give directions to a website, in order to check your mail go to our homepage, click on login and select webmail, but some users cannot/will not follow those instructions. Would this solution cause more harm than good? What are your thoughts/rules? IITS will never ask you for your password. Never email your password to anyone. James Farr Information Security Officer Instructional Technologist Utica College jfarr () utica edu<mailto:jfarr () utica edu> 315-223-2386
Current thread:
- Phishing Links James Farr '05 (Jul 07)
- Re: Phishing Links Ben Woelk (Jul 07)
- Re: Phishing Links Pete Hickey (Jul 07)
- Re: Phishing Links Basgen, Brian (Jul 07)
- Re: Phishing Links James Farr '05 (Jul 07)
- Re: Phishing Links Jeff Kell (Jul 07)
- Re: Phishing Links Basgen, Brian (Jul 07)
- Re: Phishing Links Justin Azoff (Jul 07)
- Re: Phishing Links David Escalante (Jul 07)
- Re: Phishing Links Eric Case (Jul 07)
- Re: Phishing Links Joel Rosenblatt (Jul 07)
- Re: Phishing Links Flynn, Gary - flynngn (Jul 07)
- Re: Phishing Links Pete Hickey (Jul 07)
(Thread continues...)