Educause Security Discussion mailing list archives

Re: SECURITY Digest - 3 Sep 2014 to 4 Sep 2014 (#2014-144)

From: Rich Graves <rgraves () CARLETON EDU>
Date: Fri, 5 Sep 2014 10:34:46 -0400


Our simulated phish goes to a simulated "this site has been blackholed" page, like
http://testing.carleton-edu.com/

If you want to see who will give up credentials, you could defer the "blocked" page to the form action. You need 
management support and you shouldn't deny what you've done, but I don't see a reason to take credit in any way. This is 
not an IRB activity.

It's a bit dishonest, but seriously cuts down on user complaints. It also teaches what to do (nothing) when they get a 
real phish whose collection site we have blocked. 
-- 
Rich Graves

Current thread:

Re: SECURITY Digest - 3 Sep 2014 to 4 Sep 2014 (#2014-144) John Forker (Sep 05)
- Re: SECURITY Digest - 3 Sep 2014 to 4 Sep 2014 (#2014-144) Ben Woelk (Sep 05)
- <Possible follow-ups>
- Re: SECURITY Digest - 3 Sep 2014 to 4 Sep 2014 (#2014-144) Rich Graves (Sep 05)