Educause Security Discussion mailing list archives

Mitigating Phishing Attacks


From: "Conlee, Keith" <conlee () COD EDU>
Date: Tue, 4 Dec 2012 13:15:13 -0600

I apologize for resending this, but the listserv administrator or administrative software flagged me as sending it 
previously, and looking back through my "sent" folder, I am pretty sure I have not.  But just in case, I apologize in 
advance if I missed something and sent out something similar.  Although if I had, I would think I would have seen 
my own posting and possibly some responses.  Oh well, I will try again - here goes.

-----Original Message-----
From: Conlee, Keith 
Sent: Tuesday, December 04, 2012 12:24 PM
To: 'SECURITY () LISTSERV EDUCAUSE EDU'
Subject: RE: Mitigating Phishing Attacks


Sorry for the delay, but I am playing catch up.  We also have experienced an increase of phishing attacks and a couple 
of users have taken the hook, causing us to get blacklisted, etc., and the clean-up that follows.

In this last phishing attack the sender masqueraded as the "System Administrator" by either spoofing the sender's address, 
or sending from a previously compromised email account and signing as "System Administrator."  It was the old phishing 
scam warning the user "Your mailbox has exceeded the storage limit."  As the IT department we have told our users that 
we (IT) will never send them an unsolicited email asking them for any sensitive input (e.g. ID and password, etc.).  We 
(IT) are thinking of making a new policy decision that we will not send out any "active" links in email that will take 
the user to a webpage and ask for their sensitive data (e.g., ID and password).  Instead we will provide a description 
of the webpage they need to go to (e.g. Employee Portal) and provide an "inactive" text link and instruct them to cut 
and paste (or type) the text into the address bar of their browser (for convenience).  It is MOST convenient to just 
provide the link, but since links can be spoofed and take you elsewhere, an inactive text link that can either be 
cut-and-pasted or typed into a browser location bar provides some convenience and we think is safer.  The only way we 
can go wrong is if our College website gets hacked.  ANY THOUGHTS - Good or Bad?

Thanks for any responses.

Keith Conlee, JD, CISSP, CISA, CBCP
Chief Security Officer, IT
College of DuPage
425 Fawell Blvd.
Glen Ellyn, IL 60137-6599

Ph. - 630.942.3055
Fax. - 630.790.0325 
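
An added example, not part of the original post: a lint that an IT department could run over its own outgoing notices to check them against the no-active-links policy proposed above. It reports every active link in HTML parts and marks those whose visible text names a different host than the href. The function names and the sample message are assumptions constructed for illustration.

```python
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Constructed sample message; every address and host below is made up.
SAMPLE = """\
Subject: Portal maintenance
Content-Type: text/html; charset="utf-8"

<p>Sign in at <a href="http://portal.login.example.net/">https://portal.college.example</a>
or read the <a href="https://www.college.example/it/notice">maintenance notice</a>.</p>
<p>Employee Portal: portal.college.example (type this into your browser)</p>
"""

class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a href=...> element."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a" and dict(attrs).get("href"):
            self._href, self._text = dict(attrs)["href"], []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def host(value):
    """Hostname of a URL-looking string, or None when the text is not a URL."""
    if "://" not in value and "." in value and " " not in value:
        value = "//" + value
    return urlsplit(value).hostname

def lint_outgoing(raw):
    """Findings for one message checked against the no-active-links policy."""
    msg = message_from_string(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        collector = AnchorCollector()
        collector.feed(part.get_content())
        for href, text in collector.links:
            shown, target = host(text), host(href)
            spoofed = shown and target and shown != target
            findings.append(("MISMATCH" if spoofed else "ACTIVE", text, href))
    return findings
```

On the sample, `lint_outgoing(SAMPLE)` reports the first anchor as MISMATCH and the second as ACTIVE; the plain-text portal name in the last paragraph produces no finding.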

