Educause Security Discussion mailing list archives
Re: Response to phishing e-mails
From: Joel Anderson <joela () UMN EDU>
Date: Mon, 27 Oct 2014 13:57:46 -0500
We absolutely encourage these reports - we even have a special email " phishing () umn edu" to receive the messages. This puts them in a special queue *and* gets a custom reply thanking and telling them how to give message headers (in case they didnt'). We block email replies, divert DNS to form pages as well as thanking the informants. In addition, we seed information into forms to discover where attackers are coming from if (when!) they are successful. I just put out a SANS paper on this process. -- -- --------------------------------------------------- joel anderson * joela () umn edu * @joelpetera --> 612-625-7389 --> pager: 612-648-6823 Security Coordinator University Information Security - University of Minnesota
Current thread:
- Response to phishing e-mails Leland Lyerla (Oct 27)
- Re: Response to phishing e-mails Bob Bayn (Oct 27)
- Re: Response to phishing e-mails Brad Judy (Oct 27)
- Re: Response to phishing e-mails Bob Bayn (Oct 27)
- Re: Response to phishing e-mails Brad Judy (Oct 27)
- Re: Response to phishing e-mails Roger A Safian (Oct 27)
- Re: Response to phishing e-mails Manjak, Martin (Oct 27)
- Re: Response to phishing e-mails Joel Anderson (Oct 27)
- Re: Response to phishing e-mails Garmon, Joel (Oct 27)
- Re: Response to phishing e-mails Thomas Carter (Oct 28)
- Re: Response to phishing e-mails Robert Meyers (Oct 28)
- Re: Response to phishing e-mails Nick Semenkovich (Oct 28)
- Re: Response to phishing e-mails Brandon Hume (Oct 28)
- Re: Response to phishing e-mails Thomas Carter (Oct 29)
- Re: Response to phishing e-mails Nick Semenkovich (Oct 29)
- Re: Response to phishing e-mails Brandon Hume (Oct 29)
- Re: Response to phishing e-mails Joel Anderson (Oct 27)
- Re: Response to phishing e-mails Robert Meyers (Oct 29)
- Re: Response to phishing e-mails Bob Bayn (Oct 27)
- Re: Response to phishing e-mails Paul Chauvet (Oct 29)