Educause Security Discussion mailing list archives
Re: Response to phishing e-mails
From: "Manjak, Martin" <mmanjak () ALBANY EDU>
Date: Mon, 27 Oct 2014 18:38:29 +0000
Number 1: I try to always thank them. Depending on the circumstances, I may explain the background. ("This came from a compromised account at <some>.edu.") As often as not, we're seeing the phish for the first time because it was forwarded to us by another employee. In that case, we look at the link and set up campus blocks to the site. Even though it can be time consuming, I always try to respond because It makes them feel like they got it right (they properly identified a phishing message), and they're helping to protect the campus by reporting it. These will come in waves, and not everyone will forward the message every time. In fact, your "regulars" will start to develop a sense of commonality as they take the time to examine these messages. The payoff here is that the really unusual ones will grab their attention and they will forward those to you, which is exactly what you want. Although it sounds a bit unseemly, think of it as cultivating a bunch of informers; or a human early warning system. Marty Manjak ISO University at Albany From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Leland Lyerla Sent: Monday, October 27, 2014 2:24 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Response to phishing e-mails As they become more aware of how to identify phishing e-mails, our faculty and staff let us know via e-mail when they come across one in their in-box. I do not want to discourage their vigilance, but I would appreciate any suggestions on how to manage/respond to these messages. Leland
Current thread:
- Response to phishing e-mails Leland Lyerla (Oct 27)
- Re: Response to phishing e-mails Bob Bayn (Oct 27)
- Re: Response to phishing e-mails Brad Judy (Oct 27)
- Re: Response to phishing e-mails Bob Bayn (Oct 27)
- Re: Response to phishing e-mails Brad Judy (Oct 27)
- Re: Response to phishing e-mails Roger A Safian (Oct 27)
- Re: Response to phishing e-mails Manjak, Martin (Oct 27)
- Re: Response to phishing e-mails Joel Anderson (Oct 27)
- Re: Response to phishing e-mails Garmon, Joel (Oct 27)
- Re: Response to phishing e-mails Thomas Carter (Oct 28)
- Re: Response to phishing e-mails Robert Meyers (Oct 28)
- Re: Response to phishing e-mails Nick Semenkovich (Oct 28)
- Re: Response to phishing e-mails Brandon Hume (Oct 28)
- Re: Response to phishing e-mails Thomas Carter (Oct 29)
- Re: Response to phishing e-mails Nick Semenkovich (Oct 29)
- Re: Response to phishing e-mails Brandon Hume (Oct 29)
- Re: Response to phishing e-mails Joel Anderson (Oct 27)
- Re: Response to phishing e-mails Robert Meyers (Oct 29)
- Re: Response to phishing e-mails Bob Bayn (Oct 27)