Educause Security Discussion mailing list archives
Re: Blocking phishing URL's
From: Bob Bayn <bob.bayn () USU EDU>
Date: Mon, 2 Dec 2013 16:35:48 +0000
Mally, Since the Oxford incident and the subsequent addition of a warning at the bottom of google docs forms, we haven't seen them used much at all for phishing. Instead, phishers have moved on to services like jimdo(.)com, webs(.)com, yolasite(.)com and coffeecup(.)com among others. The whole list that we watch out for is maintained at: https://it.usu.edu/computer-security/be-an-internet-skeptic/form-services/ And I have recruited about 350 "Internet Skeptics" who report phish messages to me. Bob Bayn SER 301 (435)797-2396 IT Security Team Office of Information Technology, Utah State University three common hazardous email scams to watch out for: 1) unfamiliar transaction report from familiar business 2) attachment with no explanation in message body 3) "phishing" for your email password ________________________________ From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Mally Mclane [mally.mclane () BRISTOL AC UK] Sent: Monday, December 02, 2013 9:20 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Blocking phishing URL's All, Out of curiosity, do any of you do anything special for those using Google Docs / Forms for phishing? Mally On 2 Dec 2013 16:16, "Julian Y Koh" <kohster () northwestern edu<mailto:kohster () northwestern edu>> wrote: On Dec 2, 2013, at 09:16 , "Ullman, Catherine" <cende () BUFFALO EDU<mailto:cende () BUFFALO EDU>> wrote:
I’ve been asked to investigate what other institutions are doing to block access to URL’s at the edge (i.e. block connections when people click on a URL, despite virtual hosting or fastflux DNS).
We use our Palo Alto firewalls to block this type of traffic. -- Julian Y. Koh Acting Associate Director, Telecommunications and Network Services Northwestern University Information Technology (NUIT) 2001 Sheridan Road #G-166 Evanston, IL 60208 847-467-5780 NUIT Web Site: <http://www.it.northwestern.edu/> PGP Public Key:<http://bt.ittns.northwestern.edu/julian/pgppubkey.html>
Current thread:
- Blocking phishing URL's Ullman, Catherine (Dec 02)
- Re: Blocking phishing URL's Stein, Nico Alexander (Dec 02)
- Re: Blocking phishing URL's Kevin Moll (Dec 02)
- Re: Blocking phishing URL's Ullman, Catherine (Dec 02)
- Re: Blocking phishing URL's Stein, Nico Alexander (Dec 04)
- Re: Blocking phishing URL's Thomas Munson (Dec 04)
- Re: Blocking phishing URL's Josh Flaherty (Dec 02)
- Re: Blocking phishing URL's Michael Benedetto (Dec 04)
- Re: Blocking phishing URL's Julian Y Koh (Dec 02)
- Re: Blocking phishing URL's Mally Mclane (Dec 02)
- Re: Blocking phishing URL's Bob Bayn (Dec 02)
- Re: Blocking phishing URL's Eric Schewe (Dec 02)
- Re: Blocking phishing URL's Mally Mclane (Dec 02)
- Re: Blocking phishing URL's Maloney, Michael (Dec 02)
- Re: Blocking phishing URL's Stein, Nico Alexander (Dec 02)