Educause Security Discussion mailing list archives
Re: Official and Certified Email
From: Mike Porter <mike () UDEL EDU>
Date: Wed, 24 Sep 2008 10:14:57 -0400
On Wed, 24 Sep 2008, Justin St. Onge wrote:
I think email is a lost cause. RSS maybe?
I don't know. I am heartened by the fact that no one has fallen for the latest phish scam here. I think people need to learn to read and think. If something comes in the US mail, you should look and think before replying; the same goes for email. People haven't been brought up thinking that email can be trivially forged and they don't think. Mike
Justin St. Onge Academic Server Administrator/Lab Coordinator SUNY College at Oneonta - Academic Computer Services stongejc () oneonta edu "Look, defenseless babies!" Fletch -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mclaughlin, Kevin (mclaugkl) Sent: Wednesday, September 24, 2008 8:43 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Official and Certified Email Hi All: Has anyone conquered yet how to have (example) their president send out an email with a link in it and have folks comfortable that it is not a phishing scheme? I now have community members ringing our phones off the hook when United Way, Fine Arts, etc. emails come to them with instructions to click the link. I applaud the fact that as a profession our awareness campaigns are working but am now struggling with the concept of how to create an official email that everyone who receives it knows to trust. Certificates, IMO, are not the answer as most people don't even know what the little certificate icon means, let alone how to hover over it to see if a message is authentic or not. Of course, that could just be a training issue that needs to start at a young age in order to get people used to looking for a "President's certificate" or a "Help Desk Certificate", etc. I suspect though (just a SWAG here on my part) that we will need to figure out an easier solution. Any ideas or thoughts would be greatly appreciated. -Kevin Kevin L. McLaughlin MS,CISM, CISSP, GLSC, PMP, ITIL Manager Certified Director, Information Security University of Cincinnati
- Mike Porter PGP Fingerprint: F4 AE E1 9F 67 F7 DA EA 2F D2 37 F3 99 ED D1 C2
Current thread:
- Official and Certified Email Mclaughlin, Kevin (mclaugkl) (Sep 24)
- <Possible follow-ups>
- Re: Official and Certified Email Ken Connelly (Sep 24)
- Re: Official and Certified Email Justin St. Onge (Sep 24)
- Re: Official and Certified Email Willis Marti (Sep 24)
- Re: Official and Certified Email Mike Porter (Sep 24)
- Re: Official and Certified Email Chris Green (Sep 24)