Educause Security Discussion mailing list archives
Re: Notifying organizations when you receive phishing e-mails from them
From: Bob Bayn <bob.bayn () USU EDU>
Date: Fri, 25 Jan 2013 16:50:43 +0000
I always try to contact the host site of phishing spam if it is an edu, k12 or apparent health care site and was received here in the past few hours (not days). I have the IP of the smtp host so I check whois or I find their website and look for contact info. Looking back in my sent messages, I've sent 5-10 per week lately. Bob Bayn SER 301 (435)797-2396 IT Security Team Office of Information Technology, Utah State University three common hazardous email scams to watch out for: 1) unfamiliar transaction report from familiar business 2) attachment with no explanation in message body 3) "phishing" for your email password ________________________________ From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Tonkin, Derek K [Derek_Tonkin () BAYLOR EDU] Sent: Friday, January 25, 2013 9:15 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Notifying organizations when you receive phishing e-mails from them Does anyone try to reach out to the IT departments of organizations you receive phishing e-mails from? We received some today that is coming from an @nih.gov account and I was trying to determine how I could notify them. I got to thinking that it might be a worthwhile to build a page on our website where we could allow outside organizations to report spam/phishing messages from accounts on our domain. Has anyone else done this or even considered it? Thanks! ___________________________________________________________ DEREK TONKIN Information Security Analyst ITS – Networking Systems DPKG Suite 117.3 (254) 710-7061 Derek_Tonkin () Baylor edu<mailto:Derek_Tonkin () Baylor edu> External Mailing Address One Bear Place #97268 Waco, TX 76798-7268 [Description: bearawarefinal]
Current thread:
- Notifying organizations when you receive phishing e-mails from them Tonkin, Derek K (Jan 25)
- Re: Notifying organizations when you receive phishing e-mails from them Roger A Safian (Jan 25)
- Re: Notifying organizations when you receive phishing e-mails from them Jacobson, Dick (Jan 25)
- Re: Notifying organizations when you receive phishing e-mails from them Lorenz, Eva (Jan 25)
- Re: Notifying organizations when you receive phishing e-mails from them Bob Bayn (Jan 25)
- Re: Notifying organizations when you receive phishing e-mails from them Roger A Safian (Jan 25)