Educause Security Discussion mailing list archives
Re: Recent Phishing Uptick
From: Mally Mclane <mally.mclane () BRISTOL AC UK>
Date: Thu, 20 Feb 2014 16:42:33 +0000
Josef Don't suppose you could share the regex? Mally On 20 Feb 2014 16:37, "Josef Fortier" <fortier () augsburg edu> wrote:
We are using Google Apps, which does not offer the content altering functionality that IronPort does. But it does offer "Content compliance" which offers enough to be mildly useful here. We've set up a set up a rule to a apply a set of regexes against messages looking for the free hosting sites which, if matched triggers "Prepend Custom Subject" with a simple light warning (and a copy to an alerting mailbox). A quick glance at the recent matches shows a handful every few days, with about 1/4 phishes (the rest are typically forwarded emails with personal web pages). We've received no complaints about this policy since we implemented it 6 months ago.Your "Modify the spam before delivering" trick is awesome! Whichmailsystem are you using, and can you share a bit more about your technique? -- __________________________________________________________________________ Josef Fortier Systems Administrator fortier () augsburg edu Phone: 612-330-1479 __________________________________________________________________________
Current thread:
- Re: Recent Phishing Uptick, (continued)
- Re: Recent Phishing Uptick Joel L. Rosenblatt (Feb 20)
- Re: Recent Phishing Uptick David Curry (Feb 20)
- Re: Recent Phishing Uptick Ejike, Emechete C. (Feb 20)
- Re: Recent Phishing Uptick Joel L. Rosenblatt (Feb 20)
- Re: Recent Phishing Uptick David Curry (Feb 20)
- Re: Recent Phishing Uptick Joel L. Rosenblatt (Feb 20)
- Re: Recent Phishing Uptick Frank Barton (Feb 21)
- Re: Recent Phishing Uptick Mike Iglesias (Feb 21)
- Re: Recent Phishing Uptick Tim Doty (Feb 21)
- Re: Recent Phishing Uptick Mally Mclane (Feb 20)
- More details for Google Apps Phishing warning Josef Fortier (Feb 20)