Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: How do you block spoofed communications from HR, Payroll, the President...?

From: "Davis, Chris" <CDavis () LOURDES EDU>
Date: Wed, 24 Oct 2018 13:02:08 +0000
Unfortunately, there really isn’t a lot that you can do. We have awareness training for all of our users and they 
report suspected phishes and spearphishes and we block the offending address.

There is an interesting tool through KnowBe4 called the Phish Alert Button that we are going to start using.  It will 
delete the email from the user’s box as well as notify IT.  I believe it may also delete similar emails from others 
boxes but I am not 100% sure on that one.

Hope this helps.

Chris



Sent from my iPad - please excuse any minor errors.

Chris Davis, Ph.D.
Chief Information Officer
Assistant Professor of Education
Lourdes University
cdavis () lourdes edu<mailto:cdavis () lourdes edu>

On Oct 24, 2018, at 8:54 AM, John R. LaPrad <jrl () SVSU EDU<mailto:jrl () SVSU EDU>> wrote:

Hello Colleagues, I am wondering what other universities are doing to block emails to users that have spoofed official 
people or offices on campus. Emails claiming to be from HR or Payroll, or the President.  Do you have a way to 
'guarantee' official communications so that end users can easily distinguish between the real and the fake?
We have an Office 365 email environment and also have many third party organizations that send mail, for our, as our, 
domain.
Any all thoughts are welcome

Thank you for your time

John LaPrad - CISSP, CIHE, GIAC/GMON
Information Systems Security Manager
Saginaw Valley State University
7400 Bay Rd. University Center, MI
Phone: 989-964-7134
jrl () svsu edu<mailto:jrl () svsu edu>
Previous By Date Next
Previous By Thread Next

Current thread: