Educause Security Discussion mailing list archives
Re: Oxford and Google Apps
From: Bob Bayn <bob.bayn () USU EDU>
Date: Tue, 19 Feb 2013 16:59:19 +0000
Oops, our warning is only added to our inbound messages, so you didn't see what I was referring to. Here's what was added when I got my message back from the listserv.

Bob

________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Bob Bayn [bob.bayn () USU EDU]
Sent: Tuesday, February 19, 2013 7:29 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Oxford and Google Apps

Warning: Do not enter your USU A-Number and password on any web form linked from this email message. This warning has been added by Utah State University's Ironport Spam Filter System. Our spam filter has detected a Google Docs Spreadsheet Form link or a PHPformgenerator form link in the message below. Those forms are sometimes used by "phishers" to obtain your USU A-Number and password for their use. The spam filter cannot detect all types of password collection forms, so you still need to be an Internet Skeptic!

==== ORIGINAL MESSAGE BEGINS BELOW THIS LINE ====

I'm including a google docs link from a recent phish here to illustrate how we handle this problem. I expect there will be a warning about the mischief possible with google docs inserted by our spam filter above my message. In that way, we can still allow the relatively rare legitimate use of google docs to proceed.

https://docs.google.com/forms/d/1jPFqAvX4n4IW7eZhPoEFpJh9lNEMlKj-QXzpvqxFV_w/viewform?pli=1

By the way, this particular google docs link is still live this morning, even though I reported it to google last Friday. If you follow the link and submit some bogus data, you will find on the thank you page a link to review the database. Phishers don't often leave that option in, but it did allow me to collect nearly 300 addresses and send out a warning to them, in hopes they see the message before the phisher accesses their account.

Bob Bayn SER 301 (435)797-2396
IT Security Team
Office of Information Technology, Utah State University

three common hazardous email scams to watch out for:
1) unfamiliar transaction report from familiar business
2) attachment with no explanation in message body
3) "phishing" for your email password

________________________________
From: The EDUCAUSE Security Constituent Group Listserv [SECURITY () LISTSERV EDUCAUSE EDU] on behalf of Lorenz, Eva [evalorenz () UNC EDU]
Sent: Tuesday, February 19, 2013 7:17 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Oxford and Google Apps

I agree that user education is the preferred method to avoid any security incident, not just phishing. I have a question to the list members who have seen positive effects from user awareness training. Do you have any requirement for user awareness training, such as a required annual training for all affiliates? If you do outreach, do you cover all departments or select high value targets, such as finance?

I am wondering whether Oxford does any user security training? Blocking Google docs seems like overkill, especially since they admit that the business impact was higher than expected. But allow me to speculate here; maybe options are limited in terms of outreach and blocking seems like a way to limit damage, but possibly also has the benefit of making users aware that Google docs can be used as a vehicle for security incidents. Maybe something along the lines of awareness training by impact.

In our environment, as others have mentioned already for their universities, blocking Google docs would not work, not even for the timeframe mentioned in the article.

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Tracy Mitrano
Sent: Tuesday, February 19, 2013 7:11 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Oxford and Google Apps

Thoughts on this matter among the experts?
http://blogs.oucs.ox.ac.uk/oxcert/2013/02/18/google-blocks/
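
The banner-tagging approach Bob Bayn describes above (detect a form link in an inbound message, prepend a warning, still deliver the message), sketched as an added example that is not USU's IronPort configuration or code from the thread. The URL patterns, function names and sample messages are assumptions constructed for illustration, and messages are assumed to carry a text/plain part.

```python
import re
from email import message_from_string, policy

# Assumed URL patterns for the two form types the banner names; they are
# illustrative and are not USU's actual IronPort rules.
FORM_LINK_RE = re.compile(
    r"https?://(?:docs\.google\.com/\S*?(?:forms/|viewform)"
    r"|\S*?phpformgenerator)\S*",
    re.IGNORECASE,
)

# Banner wording taken from the message quoted in the thread.
BANNER = (
    "Warning: Do not enter your USU A-Number and password on any web form\n"
    "linked from this email message.\n"
    "==== ORIGINAL MESSAGE BEGINS BELOW THIS LINE ====\n"
)

def find_form_links(text):
    """Return form links found in text, trailing punctuation stripped."""
    return [m.group(0).rstrip(".,;)>\"'") for m in FORM_LINK_RE.finditer(text)]

def tag_inbound(raw):
    """Parse a raw message; if any text part links to a form, prepend the
    banner to the first text/plain part. Delivery is never blocked."""
    msg = message_from_string(raw, policy=policy.default)
    text_parts = [p for p in msg.walk() if p.get_content_maintype() == "text"]
    links = [u for p in text_parts for u in find_form_links(p.get_content())]
    if links:
        for part in text_parts:
            if part.get_content_type() == "text/plain":
                part.set_content(BANNER + part.get_content())
                break
    return msg, links

# Constructed sample messages (placeholder IDs, example.edu addresses).
PHISH = (
    "From: helpdesk@example.edu\nTo: user@example.edu\n"
    "Subject: Mailbox quota\n\n"
    "Verify here: https://docs.google.com/forms/d/EXAMPLEFORMID/viewform.\n"
)
CLEAN = (
    "From: colleague@example.edu\nTo: user@example.edu\nSubject: Notes\n\n"
    "Draft is at https://docs.google.com/document/d/EXAMPLEDOCID/edit\n"
)

if __name__ == "__main__":
    for raw in (PHISH, CLEAN):
        msg, links = tag_inbound(raw)
        print(links, msg.get_content(), sep="\n")
```

An ordinary Google Docs document link passes through untagged, which matches the stated goal of letting legitimate use proceed while flagging forms.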