Educause Security Discussion mailing list archives

Re: Notifying organizations when you receive phishing e-mails from them

From: "Lorenz, Eva" <evalorenz () UNC EDU>
Date: Fri, 25 Jan 2013 16:37:47 +0000

We usually contact other edus or agencies - same for a compromised system - and usually contact abuse@.

 - Eva

Eva Lorenz,
ITS Security
UNC Chapel Hill
________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Tonkin, Derek K 
[Derek_Tonkin () BAYLOR EDU]
Sent: Friday, January 25, 2013 11:15 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Notifying organizations when you receive phishing e-mails from them

Does anyone try to reach out to the IT departments of organizations you receive phishing e-mails from?  We received 
some today that is coming from an @nih.gov account and I was trying to determine how I could notify them.  I got to 
thinking that it might be a worthwhile to build a page on our website where we could allow outside organizations to 
report spam/phishing messages from accounts on our domain.  Has anyone else done this or even considered it?

Thanks!
___________________________________________________________
DEREK TONKIN
Information Security Analyst
ITS – Networking Systems
DPKG Suite 117.3
(254) 710-7061
Derek_Tonkin () Baylor edu<mailto:Derek_Tonkin () Baylor edu>

External Mailing Address
One Bear Place #97268
Waco, TX 76798-7268
[Description: bearawarefinal]

Current thread:

Notifying organizations when you receive phishing e-mails from them Tonkin, Derek K (Jan 25)
- Re: Notifying organizations when you receive phishing e-mails from them Roger A Safian (Jan 25)
  - Re: Notifying organizations when you receive phishing e-mails from them Jacobson, Dick (Jan 25)
- Re: Notifying organizations when you receive phishing e-mails from them Lorenz, Eva (Jan 25)
- Re: Notifying organizations when you receive phishing e-mails from them Bob Bayn (Jan 25)