Educause Security Discussion mailing list archives

Re: phishing irony

From: Gary Flynn <flynngn () JMU EDU>
Date: Wed, 11 Feb 2009 11:15:59 -0500

Tupker, Mike wrote:

I may be too cynical but just adding the warning won't help to "alert" users that it is a spam message. A good chunk of 
users will just ignore certain parts of an email and go straight to the questions that the email is asking.


We've received phish messages containing warning text we post to
our web sites:

" JMU will never ask for your password via email. DO NOT provide
  it regardless of circumstance."

Yeah, some folks responded.

I sent out a warning to our campus yesterday with an example of an email to watch out for and actually got responses 
with login information. It was very sad day for me.


Same experience here.

--
Gary Flynn
Security Engineer
James Madison University
www.jmu.edu/computing/security

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Current thread:

phishing irony Jesse Thompson (Feb 11)
- <Possible follow-ups>
- Re: phishing irony Dan Oachs (Feb 11)
- Re: phishing irony Jesse Thompson (Feb 11)
- Re: phishing irony Tupker, Mike (Feb 11)
- Re: phishing irony Pace, Guy (Feb 11)
- Re: phishing irony Mike Porter (Feb 11)
- Re: phishing irony Gary Flynn (Feb 11)
- Re: phishing irony Paul Crittenden (Feb 12)
- Re: phishing irony Ozzie Paez (Feb 12)
- Re: phishing irony HALL, NATHANIEL D. (Feb 12)
- Re: phishing irony Pete Hickey (Feb 12)
- Re: phishing irony Matthew Gracie (Feb 12)
- Re: phishing irony Valdis Kletnieks (Feb 12)
- Re: phishing irony Gary Flynn (Feb 13)
- Re: phishing irony James (Feb 13)
- Re: phishing irony Ozzie Paez (Feb 13)
- Re: phishing irony Falcon, Patricia (Feb 13)

(Thread continues...)