Educause Security Discussion mailing list archives
Re: FYI: Another round of spear Phishing
From: Dean Halter <Dean.Halter () NOTES UDAYTON EDU>
Date: Thu, 19 Jun 2008 13:05:04 -0400
One question is which kind of "phish" to use as a model: 1) the one that asks for an email password by return email or 2) one that directs the user to a look-alike website at a clearly bogus URL. We've been getting a LOT of the email reply variety lately.
We discussed this as well. Email potentially travels in the clear and, depending upon how you plan on "catching" the replies, mail forwarding might cause also problems. If we can get the go ahead, we'd like to send our own faculty and staff a spoofed, simple email with a URL redirecting them to a secure website off-campus modeled to look like our authentication page and, if a user bit (I purposefully leave this vague), pop up an educational page. Dean
Current thread:
- Re: FYI: Another round of spear Phishing, (continued)
- Re: FYI: Another round of spear Phishing Robin Polak (Jun 17)
- Re: FYI: Another round of spear Phishing ram smith (Jun 17)
- Re: FYI: Another round of spear Phishing Gary Warner (Jun 17)
- Re: FYI: Another round of spear Phishing Cal Frye (Jun 18)
- Re: FYI: Another round of spear Phishing Matthew Gracie (Jun 19)
- Re: FYI: Another round of spear Phishing Cal Frye (Jun 19)
- Re: FYI: Another round of spear Phishing Dean Halter (Jun 19)
- Re: FYI: Another round of spear Phishing Bob Bayn (Jun 19)
- Re: FYI: Another round of spear Phishing Curt Wilson (Jun 19)
- Re: FYI: Another round of spear Phishing Mclaughlin, Kevin (mclaugkl) (Jun 19)
- Re: FYI: Another round of spear Phishing Dean Halter (Jun 19)
- Re: FYI: Another round of spear Phishing Jesse Thompson (Jun 27)