Re: Phishing Blog

[Ed Jalinske <0000007d9892d157-dmarc-request () LISTSERV EDUCAUSE EDU>]

Phil,

 

See attached. I wrote this article a couple of years ago. It contains several detailed screenshots which were intended 
to provide transparency about our monthly phishing awareness campaigns. It has some good information that you should be 
able to use. 

 

To everyone else, feel free to pull whatever information you find helpful from this detailed article. We have a robust 
phishing awareness program in place at UW-Madison with several years of metrics.

 

I hope this helps!

 

Thanks,

 

Ed Jalinske
University of Wisconsin-Madison

Office of Cybersecurity

Cybersecurity Education Program Director

Policy and GRC Specialist

608.262.3837 (Office)

917.945.0748 (Cell)

ed.jalinske () wisc edu <mailto:ed.jalinske () wisc edu> 



 

 

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of PACC
Sent: Friday, February 22, 2019 9:24 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Phishing Blog

 

Hi, Phil. 

 

Here’s a couple of images of spam emails I have received, and which I have used in training materials and public 
speaking engagements. 

 

I don’t imagine the Royal Bank, Canada Revenue Agency, or Government of Canada logos were used with permission in the 
first place. They all are legitimate organizations, and all have public awareness campaigns about phishing and fraud, 
so the inclusion of their logos here would, I think, be very much in keeping with ‘fair use’ for the public good. 

 

HTH.

 

Sharon Polsky BIS MAPP

President & CEO — AMINAcorp.ca <http://aminacorp.ca/>  — @AMINAcorp <https://twitter.com/AMINAcorp>  
President — Privacy and Access Council of Canada <http://pacc-ccap.ca/> — @PACC-CCAP <https://twitter.com/PACC_CCAP> 
Member, <scc.cahttp://www.scc.ca/en/news-events/news/2018/iso-standard-will-help-protect-consumer-privacy-online-0>  
Standards Council of Canada GDPR Advisory Committee —   <https://twitter.com/StandardsCanada> @StandardsCanada ‏       
PbD — Privacy By Design Ambassador 
<http://web.archive.org/web/20121012080217/http:/privacybydesign.ca/ambassadors/individuals/page/7/> 

 

 





On 02 Feb 2019, at 2:00 AM, Maud, Phil <P.H.Maud () CRANFIELD AC UK <mailto:P.H.Maud () CRANFIELD AC UK> > wrote:

 

Hi

 

I am adding an item on Phishing to our university IT security blog

 

Thesite will be public so it needs to comply with all plagiarism and copyright considerations

 

To be of use I would like to include examples of phishing emails (as images in the phishing blog item)

 

There are many such images on the Internet but none of these seem to have open licensing such as creative commons 
enabling me to use them in such a blog

 

Has anyone done this, did they find a good source of images?

 

If so could you tell me where?

 

Alternatively if you have images from campaigns that you have been subjected to (suitably redacted) it would be great 
if you could share with me

 

thanks

 

Phil Maud

Information Security Analyst

Information Services

Building 63 (IT) G7, Cranfield University, Cranfield, Bedfordshire MK43 0AL

E:  <mailto:P.H.Maud () cranfield ac uk> P.H.Maud () cranfield ac uk

T: +44 (0) 1234 75 4879 

W:  <http://www.cranfield.ac.uk/> www.cranfield.ac.uk 

 

 

This email and any attachments to it may be confidential and are intended only for the named addressee. If you are not 
the named addressee, please accept our apology, notify the sender immediately and then delete the email. We request 
that you do not disclose, use, copy or distribute any information within it.

 

Any opinions expressed are not necessarily the corporate view of Cranfield University. This email is not intended to be 
contractually binding unless specifically stated and the sender is an authorised University signatory.

 

Whilst we have taken steps to ensure that this email and all attachments are free from any virus, we advise that, in 
keeping with good computing practice, the recipient should ensure they are actually virus free.

Attachment: Demystifying DoIT Phishing Campaigns_FINAL_DISTRIBUTED.pdf
Description:

Attachment: smime.p7s
Description: