Educause Security Discussion mailing list archives
Re: Phishing E-mail Procedures
From: Mike Porter <mike () UDEL EDU>
Date: Thu, 26 Jan 2012 12:09:17 -0500
On Thu, 26 Jan 2012, Robert Meyers wrote:
I have been tasked with writing guidelines and procedures for an official process on how to handle inbound phishing and/or otherwise malicious e-mail. The bottom line is we will be asking our user to forward all such e-mail to a central account where we will check it for any further action. Does anyone in the group have a similar process they could share? I'm in favor of continuing to tell users to delete the e-mails and go on about their business, but the task is on my desk.
We have our users send copies with headers to a mailing list. If it is the first time we've seen it, I add the Reply-To addresses and what not to our database of recipients to watch for. Mike Mike Porter Systems Programmer V IT/NSS University of Delaware
Thanks Bob Robert E. Meyers, Ms.Ed. Educational Program Manager Office of Information Security West Virginia University office: (304) 293-8502 remeyers () mail wvu edu
- Mike Porter PGP Fingerprint: F4 AE E1 9F 67 F7 DA EA 2F D2 37 F3 99 ED D1 C2
Current thread:
- Re: Phishing E-mail Procedures, (continued)
- Re: Phishing E-mail Procedures Bob Bayn (Jan 26)
- Re: Phishing E-mail Procedures Jesse Thompson (Jan 26)
- Re: Phishing E-mail Procedures Robert Meyers (Jan 26)
- Re: Phishing E-mail Procedures Valdis Kletnieks (Jan 26)
- Re: Phishing E-mail Procedures Jesse Thompson (Jan 26)
- Re: Phishing E-mail Procedures Doty, Timothy T. (Jan 26)
- Re: Phishing E-mail Procedures Valdis Kletnieks (Jan 26)
- Re: Phishing E-mail Procedures Tim Doty (Jan 26)
- Re: Phishing E-mail Procedures Valdis Kletnieks (Jan 26)
- Re: Phishing E-mail Procedures Tim Doty (Jan 26)
- Re: Phishing E-mail Procedures Roger A Safian (Jan 26)