Educause Security Discussion mailing list archives
Re: Recent Phishing Uptick
From: Josef Fortier <fortier () AUGSBURG EDU>
Date: Thu, 20 Feb 2014 10:27:06 -0600
We are using Google Apps, which does not offer the content altering functionality that IronPort does. But it does offer "Content compliance" which offers enough to be mildly useful here. We've set up a set up a rule to a apply a set of regexes against messages looking for the free hosting sites which, if matched triggers "Prepend Custom Subject" with a simple light warning (and a copy to an alerting mailbox). A quick glance at the recent matches shows a handful every few days, with about 1/4 phishes (the rest are typically forwarded emails with personal web pages). We've received no complaints about this policy since we implemented it 6 months ago.
Your "Modify the spam before delivering" trick is awesome! Which mailsystem are you using, and can you share a bit more about your technique?
-- __________________________________________________________________________ Josef Fortier Systems Administrator fortier () augsburg edu Phone: 612-330-1479 __________________________________________________________________________
Current thread:
- Re: Recent Phishing Uptick, (continued)
- Re: Recent Phishing Uptick Frank Barton (Feb 20)
- Re: Recent Phishing Uptick Joel L. Rosenblatt (Feb 20)
- Re: Recent Phishing Uptick David Curry (Feb 20)
- Re: Recent Phishing Uptick Ejike, Emechete C. (Feb 20)
- Re: Recent Phishing Uptick Joel L. Rosenblatt (Feb 20)
- Re: Recent Phishing Uptick David Curry (Feb 20)
- Re: Recent Phishing Uptick Joel L. Rosenblatt (Feb 20)
- Re: Recent Phishing Uptick Frank Barton (Feb 21)
- Re: Recent Phishing Uptick Mike Iglesias (Feb 21)
- Re: Recent Phishing Uptick Tim Doty (Feb 21)
- Re: Recent Phishing Uptick Mally Mclane (Feb 20)
- More details for Google Apps Phishing warning Josef Fortier (Feb 20)