Re: Notifying organizations when you receive phishing e-mails from them

[Bob Bayn <bob.bayn () USU EDU>]

I always try to contact the host site of phishing spam if it is an edu, k12 or apparent health care site and was 
received here in the past few hours (not days).  I have the IP of the smtp host so I check whois or I find their 
website and look for contact info.  Looking back in my sent messages, I've sent 5-10 per week lately.

Bob Bayn    SER 301    (435)797-2396       IT Security Team
Office of Information Technology,     Utah State University
     three common hazardous email scams to watch out for:
     1) unfamiliar transaction report from familiar business
     2) attachment with no explanation in message body
     3) "phishing" for your email password
________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Tonkin, Derek K 
[Derek_Tonkin () BAYLOR EDU]
Sent: Friday, January 25, 2013 9:15 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Notifying organizations when you receive phishing e-mails from them

Does anyone try to reach out to the IT departments of organizations you receive phishing e-mails from?  We received 
some today that is coming from an @nih.gov account and I was trying to determine how I could notify them.  I got to 
thinking that it might be a worthwhile to build a page on our website where we could allow outside organizations to 
report spam/phishing messages from accounts on our domain.  Has anyone else done this or even considered it?

Thanks!
___________________________________________________________
DEREK TONKIN
Information Security Analyst
ITS – Networking Systems
DPKG Suite 117.3
(254) 710-7061
Derek_Tonkin () Baylor edu<mailto:Derek_Tonkin () Baylor edu>

External Mailing Address
One Bear Place #97268
Waco, TX 76798-7268
[Description: bearawarefinal]