Educause Security Discussion mailing list archives
Re: Self-Phishing - show of hands
From: Paul Chauvet <chauvetp () NEWPALTZ EDU>
Date: Wed, 17 Feb 2016 20:20:44 +0000
Late reply, sorry! We've been doing self-phishing for 3 years now, originally with Wombat, then Threatsim (which now was bought by Wombat). We've found it to be one of the most effective things we've done, though unfortunately due to the cost we've only been using it against Faculty & Staff. I'm considering using the Social Engineering Toolkit (open source) rarely for our students. Who are you phishing? (Select groups, All Staff, All Faculty, All Students, everyone etc.) - All faculty and staff (initially was only those with higher level access like Banner & IT groups) What are you using? (Vendor, custom or opensource and the name of the vendor or project.) - Threatsim How long have you been phishing your customers? 3 years Paul Chauvet Information Security Officer State University of New York at New Paltz 845-257-3828 chauvetp () newpaltz edu<mailto:chauvetp () newpaltz edu> [emlogo] From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Eric Weakland Sent: Thursday, February 11, 2016 10:38 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Self-Phishing - show of hands Greetings, I'm working on a publication on self phishing for HEISC and preparing to leverage our self-phishing service (SANS) in the coming year. I am trying to develop a list of universities who are doing "self phishing". If your institution is self phishing your community - would you mind dropping me a note with the following items. Who are you phishing? (Select groups, All Staff, All Faculty, All Students, everyone etc.) What are you using? (Vendor, custom or opensource and the name of the vendor or project.) How long have you been phishing your customers? Thanks everyone! Regards, Eric Weakland, CISSP, CISM, CRISC Director, Information Security Office of Information Technology American University eric at american.edu 202.885.2241 _____________________________________________ Emails from IT asking you to log in with a link are scams!
Current thread:
- Re: Self-Phishing - show of hands, (continued)
- Re: Self-Phishing - show of hands Jeff Choo (Feb 11)
- Re: Self-Phishing - show of hands Feehan, Patrick (Feb 11)
- Re: Self-Phishing - show of hands Eric Weakland (Feb 11)
- Re: Self-Phishing - show of hands Dennis Duncan (Feb 11)
- Re: Self-Phishing - show of hands Stefan Wahe (Feb 11)
- Re: Self-Phishing - show of hands Christine Streeter (Feb 11)
- Re: Self-Phishing - show of hands Jenny Blaine (Feb 11)
- Re: Self-Phishing - show of hands Sol Bermann (Feb 12)
- Re: Self-Phishing - show of hands Melanie Lever (Feb 12)
- Re: Self-Phishing - show of hands George Moore (Feb 16)
- Re: Self-Phishing - show of hands Paul Chauvet (Feb 17)