Re: Phishing, compromised account and SPAM

[Mally Mclane <mally.mclane () BRISTOL AC UK>]

Hi,

I think  a problem we have (without any evidence to back it up..) that we
promoted Postini and Gmail to be so good at blocking things that when stuff
does get through, it's almost viewed by some as genuine, because it wasn't
blocked...

Mally
On 2 Apr 2014 21:42, "Banks, Teresa E - (tbanks)" <tbanks () email arizona edu>
wrote:

> Phishing is truly the bane of our existence.
>
>
>
> One thing we recently did was set up an RSS feed phishing alert (hxxp://
> security.arizona.edu/phishing-alerts.xml).  It has helped increase the
> number of reports our office is getting, and also provides us an extra
> opportunity to give our users information on recognizing a phish.
>
>
>
> We have devoted a lot of printed materials to the issue, warnings,
> awareness presentations, etc.
>
>
>
> Our last newsletter was completely dedicated to phishing.  You can find it
> at hxxp://security.arizona.edu/securecat-courier.
>
>
>
> I'm sure there are other good ideas out there as well.  Believe me, I
> sympathize. . . .
>
>
>
>
>
> *Teresa E. Banks*
>
> Manager, Information Security
>
>    & Compliance Programs
>
> University of Arizona Information Security
>
> tbanks () email arizona edu
>
> Phone:  520.621.8476
>
>
>
> *From:* The EDUCAUSE Security Constituent Group Listserv [mailto:
> SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Rob Tanner
> *Sent:* Wednesday, April 02, 2014 1:20 PM
> *To:* SECURITY () LISTSERV EDUCAUSE EDU
> *Subject:* [SECURITY] Phishing, compromised account and SPAM
>
>
>
> Hi,
>
>
>
> We are seeing an increase in phishing expeditions as well as a more
> significant increase in those who fall for them and give their password
> away.  We've tried everything we can think of to educate faculty and staff
> to the fact that ITS never, ever asked them to revalidate their account by
> entering their username and password.  But it still continues to happen and
> it looks like what folks are after is an account they can send SPAM
> through.  If it's in the middle of a week-day we catch it pretty early ,
> but evenings and especially week-ends, thousands of email messages with
> between 40 and 50 recipients each are sent out before we can kill it.  So,
> we are constantly getting on blacklists.
>
>
>
> I can't imagine that Linfield College is alone in this situation.  What
> are others doing to mitigate the consequences or better yet, prevent from
> occurring in the first place.
>
>
>
> Thanks.
>
>
>
>
>
> *Rob Tanner*
>
> UNIX Services Manager
> Linfield College, McMinnville Oregon
>
> *ITS will never ask you for your password.  Please don't share yours with
> anyone!*