Educause Security Discussion mailing list archives

Re: Self-Phishing - Pre Launch Messages

From: "Jimenez, Julio" <jjimene2 () UNCFSU EDU>
Date: Tue, 15 Nov 2016 18:37:37 +0000

We provided zero notification to our target group (faculty/staff).  The decision was made in order to obtain metrics 
that would have otherwise been skewed by a notification or warning of an internal phishing campaign.

Julio Jimenez
Information Security Engineer
ITTS
Fayetteville State University
910.672.2988
jjimene2 () uncfsu edu<mailto:jjimene2 () uncfsu edu>

From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of David D 
Grisham
Sent: Tuesday, November 15, 2016 11:34 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Self-Phishing - Pre Launch Messages

Yes please, share this information. We are about a week away from starting on notifications to our staff. I'm 
presenting to management Thursday.
Any type of communication plan that works or is working would be greatly appreciated.
Cheers.-grish
David Grisham
David Grisham, PhD, CISM, CRISC,  CHS III
Manager, Cybersecurity, UNM Hospitals, UNM Health Science Center
505.272.5657
Dgrisham () salud UNM edu<mailto:Dgrisham () salud UNM edu>



From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of James 
Farr
Sent: Tuesday, November 15, 2016 9:20 AM
To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>
Subject: [SECURITY] Self-Phishing - Pre Launch Messages


We are exploring self-phishing options with our faculty staff and possible students.   We want to provide notification 
to the users about the program before we send any actual phishing messages.  We are thinking that notifications should 
be mentioned at orientation with an annual email reminder.

How often do you notify your users about the self-phishing program?

Can anyone share examples of campus notifications sent out prior to implementing this type of program?

James Farr ’05 G’12

Director of Information Security

Utica College

jfarr () utica edu<mailto:jfarr () utica edu>

315-223-2386

Current thread:

Self-Phishing - Pre Launch Messages James Farr (Nov 15)
- Re: Self-Phishing - Pre Launch Messages David D Grisham (Nov 15)
  - Re: Self-Phishing - Pre Launch Messages Jimenez, Julio (Nov 15)
- Re: Self-Phishing - Pre Launch Messages Shettler, David (Nov 15)
- Re: Self-Phishing - Pre Launch Messages Rob Milman (Nov 15)
- Re: Self-Phishing - Pre Launch Messages Eric Weakland (Nov 15)
  - Re: Self-Phishing - Pre Launch Messages Valerie Vogel (Nov 15)
    - Re: Self-Phishing - Pre Launch Messages Sweeney, Sean (Nov 15)
    - Re: Self-Phishing - Pre Launch Messages Eric Weakland (Nov 15)
    - Re: Self-Phishing - Pre Launch Messages Tamara Bahr (Nov 15)
    - Re: Self-Phishing - Pre Launch Messages James Farr (Nov 15)