Educause Security Discussion mailing list archives
Teaching Staff How to Use Exchange/Outlook Junk Folder to Identify/Disarm Malicious Email
From: Martin Manjak <mmanjak () ALBANY EDU>
Date: Thu, 9 Aug 2012 10:35:55 -0400
If you are an Exchange/Outlook shop (we are using Live@EDU), and you offer various information security tips or training to faculty/staff, you may want to spend some time teaching them how to use their Junk folder to disarm and analyze suspicious/malicious email. Moving a message to the Junk folder will disable any embedded links and render the html as plain text, revealing obfuscated links. This is a simple and easy way for staff to evaluate suspicious messages and determine whether or not they are legitimate. The presence of obfuscated links is usually a very reliable indicator that the message is bogus or threatening, and when the message is placed in the Junk folder, these discrepancies are revealed to ordinary users. It's an extra step, but one that i think employees are willing to take since it's very straight forward and they can interpret the results on their own. Marty -- Martin Manjak CISSP, GIAC GSEC-G Information Security Officer University at Albany MSC 209 518/437-3813 The University at Albany will never ask you to reveal your password. Please ignore all such requests.
Current thread:
- Teaching Staff How to Use Exchange/Outlook Junk Folder to Identify/Disarm Malicious Email Martin Manjak (Aug 09)