Educause Security Discussion mailing list archives
Re: Repeat offenders during phishing campaign
From: Greg Williams <gwillia5 () UCCS EDU>
Date: Tue, 21 Mar 2017 17:05:39 +0000
While I'm not technically in my IT security department anymore - I still always have that hat on, so that being said, here's my response. I think phishing campaigns work when they are used for training purposes. The moment that you single out people, IT now becomes a spy entity and you lose trust with not only the individuals who you singled as repeat offenders, but everyone who the repeat offenders also then tell. When CU first started phishing campaigns years ago, it was specifically stated that absolutely no one, with the exception of the person running the campaign know, who fell for it. This keeps trust intact in my opinion. Real phishing compromises are different and they should be talked to and singled out because there are consequences. Greg Williams, ME Director of Networks and Infrastructure Information Technology Adjunct Faculty Department of Computer Science - College of Engineering and Applied Science University of Colorado Colorado Springs 1420 Austin Bluffs Parkway, (EPC 136A) Colorado Springs, CO 80918 Phone: (719) 255-3292 www.uccs.edu<http://www.uccs.edu/> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Rob Milman Sent: Tuesday, March 21, 2017 10:30 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Repeat offenders during phishing campaign Hi everyone, We have been running a phishing campaign since last fall. There have been a small number of repeat offenders, which our vendor has identified as high-risk individuals. Have any of you dealt with this situation and developed a process that you'd like to share? Thanks, Rob [cid:image004.png@01D18F19.9217E950] Rob Milman Security & Compliance Analyst Information Systems Southern Alberta Institute of Technology EH Crandell Building, GA 214 1301 - 16 Avenue NW, Calgary AB, T2M 0L4 (Office) 403.774.5401 (Cell) 403.606.3173 rob.milman () sait ca<mailto:rob.milman () sait ca>
Current thread:
- Repeat offenders during phishing campaign Rob Milman (Mar 21)
- Re: Repeat offenders during phishing campaign Barton, Robert W. (Mar 21)
- Re: Repeat offenders during phishing campaign Greg Williams (Mar 21)
- Re: Repeat offenders during phishing campaign McCrary, Barbara (Mar 21)
- Re: Repeat offenders during phishing campaign Ben Woelk (Mar 21)
- Re: Repeat offenders during phishing campaign Rob Milman (Mar 21)
- Re: Repeat offenders during phishing campaign James Valente (Mar 21)
- Re: Repeat offenders during phishing campaign Frank Barton (Mar 21)
- Re: Repeat offenders during phishing campaign James Valente (Mar 21)
- Re: Repeat offenders during phishing campaign Urrea, Nick (Mar 21)
- Re: Repeat offenders during phishing campaign Steven Alexander (Mar 21)
- Re: Repeat offenders during phishing campaign Brad Judy (Mar 21)
- Re: Repeat offenders during phishing campaign Vest, Shawn E (Mar 26)
- Re: Repeat offenders during phishing campaign Rob Milman (Mar 21)