Educause Security Discussion mailing list archives
Re: Phishing Links
From: Ben Woelk <fbwis () RIT EDU>
Date: Wed, 7 Jul 2010 21:30:03 -0400
Marty, Do you include alumni in your "phishing education" efforts? I'm curious as to whether they're "in scope" for your office, and if so, how you're engaging them. I do a seminar every fall for alumni at our Brick City event, but that hardly scratches the surface. Ben Woelk '07 Policy and Awareness Analyst Information Security Office Rochester Institute of Technology Ross 10-A204 151 Lomb Memorial Drive Rochester, New York 14623 585.475.4122 585.475.7920 fax ben.woelk () rit edu http://security.rit.edu/dsd.html Become a fan of RIT Information Security at http://rit.facebook.com/profile.php?id=6017464645 Follow us on Twitter: http://twitter.com/RIT_InfoSec ________________________________________ From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Martin Manjak [mm376 () ALBANY EDU] Sent: Wednesday, July 07, 2010 5:09 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Phishing Links Our recent experience is that those individuals who are most susceptible to theses types of social engineering attacks are those who recently left the University, i.e., grad students who were employed, graduating seniors, temporary appointments either on the academic or professional side. They look at phishing messages from a completely different point of view than the general population. They may have a rather tenuous relationship to the institution to begin with. To them, the loss of their University account could happen, and for whatever reason, they are vulnerable to those messages that threaten its loss. To avoid that, they respond to the phish. Ironically, this results in the very thing they want to prevent. Marty On 7/7/2010 4:34 PM, Pete Hickey wrote:
The problem with this is why phishing is successful. MOST people are not fooled. The people who would go to such a web site for verification are those who would not be fooled. It is the outer edges of the bell curve that are getting caught,and these people would most likely not visit such a page for verification.
-- Martin Manjak Information Security Officer University at Albany CISSP, GSEC, GCWN
Current thread:
- Re: Phishing Links, (continued)
- Re: Phishing Links Basgen, Brian (Jul 07)
- Re: Phishing Links James Farr '05 (Jul 07)
- Re: Phishing Links Jeff Kell (Jul 07)
- Re: Phishing Links Basgen, Brian (Jul 07)
- Re: Phishing Links Justin Azoff (Jul 07)
- Re: Phishing Links David Escalante (Jul 07)
- Re: Phishing Links Eric Case (Jul 07)
- Re: Phishing Links Joel Rosenblatt (Jul 07)
- Re: Phishing Links Flynn, Gary - flynngn (Jul 07)
- Re: Phishing Links Pete Hickey (Jul 07)
- Re: Phishing Links Martin Manjak (Jul 07)
- Re: Phishing Links Ben Woelk (Jul 07)
- Re: Phishing Links Martin Manjak (Jul 20)
- Windows 0-day David Opitz (Jul 21)
- Re: Windows 0-day Greg Williams (Jul 21)
- Re: Windows 0-day Greg Williams (Jul 27)
- Re: Phishing Links Pete Hickey (Jul 07)
- Re: Phishing Links Flynn, Gary - flynngn (Jul 07)
- Re: Phishing Links James Farr '05 (Jul 08)