Educause Security Discussion mailing list archives

Re: phishing irony


From: "Harris, Michael C." <HarrisMC () HEALTH MISSOURI EDU>
Date: Fri, 13 Feb 2009 11:07:41 -0600

We have done similar things with Snort rules to identify ID and password
as well as SSN or medical record numbers etc. in the clear, both in
e-mail and in other clear text protocols. Enforcement became a painful
manual education process.

Currently implementing tighter e-mail encryption, trying to figure out
how to either auto-encrypt based upon filters for SSN, MRN, etc. or bounce
it back to the user and give the user the choice to encrypt by either a
full client check box and/or OWA placing something like [secure] in a
subject line to trigger the encryption.

Mike

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Chris Edwards
Sent: Friday, February 13, 2009 10:00 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] phishing irony

On Fri, 13 Feb 2009, Leo Song wrote:

| Has anyone done or thought of applying e-mail content filter at edge 
| MTAs, to "catch" all outgoing e-mails with "username password" in 
| message body, and auto-reply to staff / students?

You might want to check out:

 http://oss.lboro.ac.uk/kochi1.html


--
Chris Edwards
IT Security, Computing Service
University of Glasgow, charity number SC004401
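
The outbound policy discussed in this thread (encrypt when the subject carries [secure], otherwise bounce mail containing an SSN or a username/password pair), sketched as an added example that is not part of the original messages or any poster's code. The regexes, function names and action labels are assumptions; MRN matching is left out because its format is site-specific.

```python
import re
from email import message_from_string

# Assumed patterns (not from the thread): dashed US SSN, and a credential
# disclosure where a "username"-like word and "password" both appear.
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
USER_RE = re.compile(r"\b(user\s*name|user\s*id|login)\b", re.I)
PASS_RE = re.compile(r"\bpass\s*word\b", re.I)
SECURE_TAG_RE = re.compile(r"\[secure\]", re.I)

# Constructed sample message, for illustration only.
SAMPLE = ("From: staff@example.edu\nTo: helpdesk@example.org\n"
          "Subject: account\n\nMy username is jdoe and my password is x.\n")


def body_text(msg):
    """Concatenate every text/plain part of the message."""
    parts = []
    for part in msg.walk():
        if part.get_content_type() == "text/plain":
            raw = part.get_payload(decode=True) or b""
            parts.append(raw.decode(part.get_content_charset() or "utf-8", "replace"))
    return "\n".join(parts)


def findings(text):
    """Return the list of sensitive-data categories seen in the text."""
    found = []
    if SSN_RE.search(text):
        found.append("ssn")
    if USER_RE.search(text) and PASS_RE.search(text):
        found.append("credentials")
    return found


def decide(raw_message):
    """Return (action, findings); action is 'encrypt', 'bounce' or 'deliver'."""
    msg = message_from_string(raw_message)
    subject = msg.get("Subject") or ""
    hits = findings(subject + "\n" + body_text(msg))
    if SECURE_TAG_RE.search(subject):
        return "encrypt", hits   # sender opted in through the subject tag
    if hits:
        return "bounce", hits    # return to sender with the choice to encrypt
    return "deliver", hits


if __name__ == "__main__":
    print(decide(SAMPLE))
```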
