Educause Security Discussion mailing list archives
Re: Small cheap custom phishing
From: Steve Bohrer <skbohrer () SIMONS-ROCK EDU>
Date: Tue, 12 Nov 2013 19:11:28 -0500
On Nov 12, 2013, at 6:52 PM, Pete Hickey <pete () SHADOWS UOTTAWA CA> wrote:
Ok... you have three that were caught... Out of how many sent? 100?... 200?... Think of this... if there were only 3 caught aout of 100, that<s 97% of people not fooled.... In any other kind of thing, 97% success would be considered FANTASTIC! Look at a normal curve. You'll always have some on the fringe. In general, most people are smarter than we 'security people' give them credit for.
Thanks, but, unfortunately, I don't actually have any way to know how many were caught, until they start sending spam…so the percentage may go up a bit! The PHP Forms people took down the target page quite quite quickly yesterday evening -- our tip off was that we received the phish messages in our own mailboxes, and also got concerned notes from several faculty and staff who recognized it as a pretty good attempt. The bad guys started spamming from their first account last night about 2 AM, and then fired off from the second at about 10 AM, and ran their attack towards Rider at about 4 PM this afternoon. So, we're not sure how many more accounts they might have ready-to-go. But, so far, all the ones they got were alums from the 2002-03 era, which was really before we were doing anti-phish user education, or at least before I was here doing it. Steve Bohrer ITS, Bard College at Simon's Rock 413-528-7645
Current thread:
- Small cheap custom phishing Steve Bohrer (Nov 12)
- Re: Small cheap custom phishing Pete Hickey (Nov 12)
- Re: Small cheap custom phishing Steve Bohrer (Nov 12)
- <Possible follow-ups>
- Re: Small cheap custom phishing Albert Lunde (Nov 13)
- Re: Small cheap custom phishing Pete Hickey (Nov 12)