Re: Phishing E-mail Procedures

[Roger A Safian <r-safian () NORTHWESTERN EDU>]

We have a similar plan, although we also add it to our phishing examples page so the community can check there before 
contacting us.

http://www.it.northwestern.edu/security/phishing/attempts.html



> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv
> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mike Porter
> Sent: Thursday, January 26, 2012 11:09 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] Phishing E-mail Procedures
>
> On Thu, 26 Jan 2012, Robert Meyers wrote:
>
> > I have been tasked with writing guidelines and procedures for an official
> process on how to handle inbound phishing and/or otherwise malicious e-
> mail. The bottom line is we will be asking our user to forward all such e-mail
> to a central account where we will check it for any further action.   Does
> anyone in the group have a similar process they could share? I'm in favor of
> continuing to tell users to delete the e-mails and go on about their business,
> but the task is on my desk.
> >
>
> We have our users send copies with headers to a mailing list.  If it is the first
> time we've seen it, I add the Reply-To addresses and what not to our
> database of recipients to watch for.
>
> Mike
>
> Mike Porter
> Systems Programmer V
> IT/NSS
> University of Delaware
>
> > Thanks
> >
> > Bob
> >
> >
> >
> > Robert E. Meyers,  Ms.Ed.
> > Educational Program Manager
> >  Office of Information Security
> > West Virginia University
> > office: (304) 293-8502
> > remeyers () mail wvu edu
>
> -
> Mike Porter
> PGP Fingerprint: F4 AE E1 9F 67 F7 DA EA  2F D2 37 F3 99 ED D1 C2