Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: phishing irony

From: "Pace, Guy" <gpace () CIS CTC EDU>
Date: Wed, 11 Feb 2009 07:59:20 -0800
Maybe Steve Jobs was right. People just don't read anymore.

Guy L. Pace, CISSP
Security Administrator
Information Technology Division
WA State Board for Community and Technical Colleges (SBCTC)
3101 Northup Way, Suite 100
Bellevue, WA 98004
425-803-9724
gpace () cis ctc edu

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Tupker, 
Mike
Sent: Wednesday, February 11, 2009 6:48 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] phishing irony

I may be too cynical but just adding the warning won't help to "alert" users that it is a spam message. A good chunk of 
users will just ignore certain parts of an email and go straight to the questions that the email is asking.

I sent out a warning to our campus yesterday with an example of an email to watch out for and actually got responses 
with login information. It was very sad day for me.

Mike Tupker
Systems Administrator
Mount Mercy College
Office: (319) 363-1323 x1401
Mobile: (319) 538-1644
If you need assistance with an computer issue please contact the helpdesk at x4357 or http://help.mtmercy.edu.

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jesse 
Thompson
Sent: Wednesday, February 11, 2009 8:15 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] phishing irony

Ah, good call.  The message went through another EDU mail server first,
which appears to have added the warning.

It fooled me :-)  I thought it was an attempt by the phisher to diffuse
the users' perception of risk.

Adding the warning might not be a bad idea, but I think that it should
state that the warning was added to the message after it was sent.

========================================================================
  Warning: the content of this message indicates that it might be
  an attempt to steal your private information.

  PHISHING: Legitimate organizations NEVER ask for your SSN, password,
  account number, or other personal data.  Do NOT ever provide such
  information to anyone via email.
========================================================================

Jesse

Dan Oachs wrote:

Is there any chance that someones outbound mailserver added that to the
top of the message as a warning?  Would be an interesting idea but
probably would not stop many users from responding with their password
anyway :)

--Dan


Jesse Thompson wrote:

I found a phish message today with the following at the top of the
message:

========================================================================
PHISHING: Legitimate organizations NEVER ask for your SSN, password,
account number, or other personal data.  Do NOT ever provide such
information to anyone via email.
========================================================================

It was then followed by the usual request to reply to the @live.com
address with account credentials.

I can't figure out if the phishers are being stupid or genius.

Jesse



--
   Jesse Thompson
   Division of Information Technology, University of Wisconsin-Madison
   Email/IM: jesse.thompson () doit wisc edu
Previous By Date Next
Previous By Thread Next

Current thread: