Re: attempts sending fake phishing messages to students and/or employees

[Eric Case <ecase () EMAIL ARIZONA EDU>]

> -----Original Message-----

> From: The EDUCAUSE Security Constituent Group Listserv

> [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Sam Hooker

> Sent: Wednesday, June 09, 2010 2:04 PM

> To: SECURITY () LISTSERV EDUCAUSE EDU

> Subject: Re: [SECURITY] attempts sending fake phishing messages to

> students and/or employees

>

<snip> 

>

> Anyway, unless we suss the resistance to actively testing our user

> populations for susceptibility to 

 

What about something like:

This is a test of the Phish System.  Your email administrators in voluntary
cooperation with federal, state and local authorities have developed this
message to keep you informed in the event of an actual phish.  If this had
been an actual phish email, you would have been instructed to send your
password to a cybercriminal posing as an administrator or trusted
individual.  Your email administrators reminds you, never give your password
to anyone.  For additional information and cyber-security tips, visit  . . .

 

-Eric

 

 

Eric Case, CISSP

eric (at) ericcase (dot) com

http://www.linkedin.com/in/ericcase