Educause Security Discussion mailing list archives
Re: phishing irony
From: Gary Flynn <flynngn () JMU EDU>
Date: Wed, 11 Feb 2009 11:15:59 -0500
Tupker, Mike wrote:
I may be too cynical but just adding the warning won't help to "alert" users that it is a spam message. A good chunk of users will just ignore certain parts of an email and go straight to the questions that the email is asking.
We've received phish messages containing warning text we post to our web sites: " JMU will never ask for your password via email. DO NOT provide it regardless of circumstance." Yeah, some folks responded.
I sent out a warning to our campus yesterday with an example of an email to watch out for and actually got responses with login information. It was very sad day for me.
Same experience here. -- Gary Flynn Security Engineer James Madison University www.jmu.edu/computing/security
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- phishing irony Jesse Thompson (Feb 11)
- <Possible follow-ups>
- Re: phishing irony Dan Oachs (Feb 11)
- Re: phishing irony Jesse Thompson (Feb 11)
- Re: phishing irony Tupker, Mike (Feb 11)
- Re: phishing irony Pace, Guy (Feb 11)
- Re: phishing irony Mike Porter (Feb 11)
- Re: phishing irony Gary Flynn (Feb 11)
- Re: phishing irony Paul Crittenden (Feb 12)
- Re: phishing irony Ozzie Paez (Feb 12)
- Re: phishing irony HALL, NATHANIEL D. (Feb 12)
- Re: phishing irony Pete Hickey (Feb 12)
- Re: phishing irony Matthew Gracie (Feb 12)
- Re: phishing irony Valdis Kletnieks (Feb 12)
- Re: phishing irony Gary Flynn (Feb 13)
- Re: phishing irony James (Feb 13)
- Re: phishing irony Ozzie Paez (Feb 13)
- Re: phishing irony Falcon, Patricia (Feb 13)
(Thread continues...)