Educause Security Discussion mailing list archives
Re: Self-Phishing - Pre Launch Messages
From: "Shettler, David" <dshettle () HOLYCROSS EDU>
Date: Tue, 15 Nov 2016 13:58:31 -0500
Our cabinet felt it was important to treat the program as a series of "fire drills", and like fire drills, you don't describe exactly when they will happen, but you do tell people that they will to be happening. Here was the initial communication from 2015: https://docs.google.com/document/d/1RLlCG9-0a2SEbmsUj1zN35kpnHE449lcYyrgobEgdnQ/edit?usp=sharing Here was a followup communication a year later or so, we felt it was time to share some data about the project, and announce that it would continue: https://docs.google.com/document/d/1Dje7IKnVHyptDjOknKXP-uOnAGCBtCUSpCASlkKVTgk/edit?usp=sharing We also discuss the program briefly at new employee orientation. Program has been a tremendous success. Our users actually love it. It has been a lot of work for us, but, susceptibility is way down, and reports are way way up. Hope that helps. On Tue, Nov 15, 2016 at 11:19 AM, James Farr <jfarr () utica edu> wrote:
We are exploring self-phishing options with our faculty staff and possible students. We want to provide notification to the users about the program before we send any actual phishing messages. We are thinking that notifications should be mentioned at orientation with an annual email reminder. How often do you notify your users about the self-phishing program? Can anyone share examples of campus notifications sent out prior to implementing this type of program? James Farr ā05 Gā12 Director of Information Security Utica College *jfarr () utica edu* <jfarr () utica edu> 315-223-2386
-- *DAVID SHETTLER* *Information Security Officer* Information Technology Services dshettle () holycross edu *phone: *(508) 793-3073 One College Street Box ITS Worcester, Mass. 01610 www.holycross.edu *Don't get Phished: Hover over links in your email to see where they go BEFORE you click! * Do you have what it takes to spot a phish? http://phishingchallenge.holycross.edu Watch our online sessions on phishing identification: http://phishmenot.holycross.edu/online-training Follow us on Twitter: @hcinfosec
Current thread:
- Self-Phishing - Pre Launch Messages James Farr (Nov 15)
- Re: Self-Phishing - Pre Launch Messages David D Grisham (Nov 15)
- Re: Self-Phishing - Pre Launch Messages Jimenez, Julio (Nov 15)
- Re: Self-Phishing - Pre Launch Messages Shettler, David (Nov 15)
- Re: Self-Phishing - Pre Launch Messages Rob Milman (Nov 15)
- Re: Self-Phishing - Pre Launch Messages Eric Weakland (Nov 15)
- Re: Self-Phishing - Pre Launch Messages Valerie Vogel (Nov 15)
- Re: Self-Phishing - Pre Launch Messages Sweeney, Sean (Nov 15)
- Re: Self-Phishing - Pre Launch Messages Eric Weakland (Nov 15)
- Re: Self-Phishing - Pre Launch Messages Tamara Bahr (Nov 15)
- Re: Self-Phishing - Pre Launch Messages Valerie Vogel (Nov 15)
- Re: Self-Phishing - Pre Launch Messages James Farr (Nov 15)
- Re: Self-Phishing - Pre Launch Messages David D Grisham (Nov 15)