Educause Security Discussion mailing list archives

Re: Notifications of external emails


From: "Johnson, Kyle A" <KAJohnson () INDIANATECH EDU>
Date: Wed, 8 Feb 2017 17:38:37 +0000

We have added the below orange bulletin to every email that comes in from an
external source. I have really tried to increase the awareness around here
by holding presentations, sending out emails, etc. We also haven't had any
pushback since we added this feature. It isn't perfect, but it can only
help raise awareness.

 

Kyle Johnson, GSEC, CEH

Information Security Officer



kajohnson () indianatech edu / www.IndianaTech.edu

O: 260-422-5561 x2107

M: 260-343-1606

1600 E. Washington Blvd. / Fort Wayne, IN 46803

 

PHISHING? Forward the email to abuse () indianatech edu for reporting and
investigation

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Adam Maynard
Sent: Wednesday, February 08, 2017 12:26 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Notifications of external emails

 

*CAUTION*

This message originated from outside of Indiana Tech. 
Please analyze the message for phishing before clicking any links and/or
opening attachments.

You can set up a rule to convert all HTML URLs into plaintext. This idea got
a lot of pushback where I am, but if you're already modifying messages it
should be easy.

 

User awareness training is usually the best way to reduce phishing though.
Any technical control won't be perfect. You can block known phishing
pages/sources, but there are new ones created constantly.

 

 

-Adam

 

From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Thomas Carter
Sent: Wednesday, February 8, 2017 9:58 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Notifications of external emails

 

We are trying to combat phishing by making users more aware of emails that
come from outside campus vs internal emails. We've trialed using a mail rule
to modify the subject line and prepend a flag (like "EXTERNAL:" or similar)
but users complained it caused confusion (?) and they didn't like emails to
be modified. I suspect a disclaimer added to the body of the message would
be either ignored or disliked for the same reasons. 

 

Has anyone else done something to somehow flag external emails? What was the
feedback? How well does it work?

 

Thomas Carter
Network & Operations Manager / IT

Austin College
900 North Grand Avenue 
Sherman, TX 75090

Phone: 903-813-2564
www.austincollege.edu



 

Attachment: smime.p7s
Description:
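
An added example, not code from any poster in the thread or from their mail systems: the body-banner rule discussed above, written with Python's standard `email` package. It assumes the From header domain decides external versus internal (a production gateway would normally key on the receiving connector or an authentication result instead), and the `X-External-Sender` header name, the HTML styling and the sample message are constructed for illustration.

```python
from email import message_from_bytes, policy

# Banner wording is from the thread; the HTML styling is an assumption.
BANNER_TEXT = ("*CAUTION*\nThis message originated from outside of Indiana Tech.\n"
               "Please analyze the message for phishing before clicking any links "
               "and/or opening attachments.\n\n")
BANNER_HTML = ('<div style="background:#f90;padding:6px">'
               + BANNER_TEXT.strip().replace("\n", "<br>") + "</div>")

# Constructed sample: lookalike sender domain that merely starts with the campus name.
SAMPLE = (b'From: "Help Desk" <helpdesk@indianatech.edu.example.net>\r\n'
          b"To: user@indianatech.edu\r\nSubject: Password expiry\r\n"
          b"MIME-Version: 1.0\r\n"
          b'Content-Type: multipart/alternative; boundary="b1"\r\n\r\n'
          b"--b1\r\nContent-Type: text/plain\r\n\r\nSee the portal.\r\n"
          b"--b1\r\nContent-Type: text/html\r\n\r\n<p>See the portal.</p>\r\n"
          b"--b1--\r\n")

def is_external(msg, internal_domains):
    """External unless every From address is in an internal domain or subdomain."""
    addrs = msg["From"].addresses if msg["From"] else ()
    def internal(domain):
        d = domain.lower().rstrip(".")
        return any(d == i or d.endswith("." + i) for i in internal_domains)
    return not addrs or not all(internal(a.domain) for a in addrs)

def tag_external(raw, internal_domains):
    """Return (message, action); action is 'internal', 'banner' or 'header-only'."""
    msg = message_from_bytes(raw, policy=policy.default)
    if not is_external(msg, internal_domains):
        return msg, "internal"
    del msg["X-External-Sender"]        # drop any value the sender supplied
    msg["X-External-Sender"] = "yes"    # hypothetical header name for client-side rules
    if msg.get_content_type() == "multipart/signed":
        return msg, "header-only"       # a body edit would invalidate the signature
    for part in msg.walk():
        if part.is_multipart() or part.is_attachment():
            continue
        subtype = part.get_content_subtype()
        if part.get_content_maintype() == "text" and subtype in ("plain", "html"):
            # Simplification: the HTML banner is prepended, not placed inside <body>.
            banner = BANNER_HTML if subtype == "html" else BANNER_TEXT
            part.set_content(banner + part.get_content(), subtype=subtype)
    return msg, "banner"

if __name__ == "__main__":
    tagged, action = tag_external(SAMPLE, {"indianatech.edu"})
    print(action)
    print(tagged.as_string())
```

S/MIME-signed mail gets only the header here, because rewriting a signed body makes the recipient's client report the signature as invalid.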

