Educause Security Discussion mailing list archives
Re: [External] Re: [SECURITY] Phishing Blog
From: "Gregg, Christopher S." <csgregg () STTHOMAS EDU>
Date: Fri, 22 Feb 2019 15:09:18 +0000
Here's our version: https://www.stthomas.edu/security/resources/phishing/phishingalerts/ I would say that I don't know how helpful keeping this repository has been for us unless coupled with direct communications about each new type of scam. People don't seem to go to the page without a prompt, and if a new type of scam comes in they contact our help desk or pour phishing inbox (which is good) vs. look at the page to see if it is a known scam. Thanks, Chris Chris Gregg Associate Vice President of Information Security & Risk Management, CISO Information Technology Services (ITS) csgregg () stthomas edu<mailto:csgregg () stthomas edu> p 1 (651) 962-6265 University of St. Thomas | stthomas.edu<https://www.stthomas.edu> From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Telfer, Will Sent: Friday, February 22, 2019 8:51 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [External] Re: [SECURITY] Phishing Blog Unverified external sender. I've posted screen shots with the names & email addresses of the person that reported the phish to us removed to both our social media & a blog site. The scammers are using our graphics (or the graphics of other universities as evidenced by the most recent blog post below) or the graphics of other legitimate businesses often so I doubt they are worried about licensing. Plus it helps educate users that phishing can & will look like legitimate email at times. https://blogs.baylor.edu/phishing/recent-scams/<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fblogs.baylor.edu%2Fphishing%2Frecent-scams%2F&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7Cc2208af1af0e4a5794a608d698d5221c%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C636864438506633808&sdata=REeYCgcNKYjmbdl4QWmmvU%2B79G6TeD8EPRvCrvRBzGM%3D&reserved=0> Thank You, Will Telfer, M.S. Information Security Analyst Information Technology Services [sig] Twitter: @BearAware Facebook: www.facebook.com/BearAware<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.facebook.com%2FBearAware&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7Cc2208af1af0e4a5794a608d698d5221c%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C636864438506643813&sdata=rBqV1HFV7soIWwJ6km2R1gazj7wuuGSEdtQp9ujMygU%3D&reserved=0> From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Hart, Michael Sent: Friday, February 22, 2019 8:46 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: Re: [SECURITY] Phishing Blog We usually use screenshots of actual phishing emails coming in to us. I didn't think about plagiarism and copyright. I would love to have one of the originators contact me with a complaint, though. :) From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU>> On Behalf Of Maud, Phil Sent: Friday, February 22, 2019 2:01 AM To: SECURITY () LISTSERV EDUCAUSE EDU<mailto:SECURITY () LISTSERV EDUCAUSE EDU> Subject: [SECURITY] Phishing Blog Hi I am adding an item on Phishing to our university IT security blog The site will be public so it needs to comply with all plagiarism and copyright considerations To be of use I would like to include examples of phishing emails (as images in the phishing blog item) There are many such images on the Internet but none of these seem to have open licensing such as creative commons enabling me to use them in such a blog Has anyone done this, did they find a good source of images? If so could you tell me where? Alternatively if you have images from campaigns that you have been subjected to (suitably redacted) it would be great if you could share with me thanks Phil Maud Information Security Analyst Information Services Building 63 (IT) G7, Cranfield University, Cranfield, Bedfordshire MK43 0AL E: P.H.Maud () cranfield ac uk<mailto:P.H.Maud () cranfield ac uk> T: +44 (0) 1234 75 4879 W: www.cranfield.ac.uk<https://na01.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.cranfield.ac.uk&data=02%7C01%7Ccsgregg%40STTHOMAS.EDU%7Cc2208af1af0e4a5794a608d698d5221c%7Ca081ff79318c45ec95f338ebc2801472%7C1%7C0%7C636864438506643813&sdata=2Hzuhm9A596rZSf2p8W%2BNAj8QpCBBQHWujS5x294bmA%3D&reserved=0> This email and any attachments to it may be confidential and are intended only for the named addressee. If you are not the named addressee, please accept our apology, notify the sender immediately and then delete the email. We request that you do not disclose, use, copy or distribute any information within it. Any opinions expressed are not necessarily the corporate view of Cranfield University. This email is not intended to be contractually binding unless specifically stated and the sender is an authorised University signatory. Whilst we have taken steps to ensure that this email and all attachments are free from any virus, we advise that, in keeping with good computing practice, the recipient should ensure they are actually virus free.
Current thread:
- Phishing Blog Maud, Phil (Feb 22)
- Re: Phishing Blog Hart, Michael (Feb 22)
- Re: Phishing Blog Frank Barton (Feb 22)
- Re: Phishing Blog Telfer, Will (Feb 22)
- Re: [External] Re: [SECURITY] Phishing Blog Gregg, Christopher S. (Feb 22)
- Re: [EXTERNAL]Re: [SECURITY] Phishing Blog Eyachabbe, Lynnetta J. (Feb 22)
- Re: Phishing Blog Tom Miller (Feb 22)
- Re: Phishing Blog PACC (Feb 22)
- Re: Phishing Blog Ed Jalinske (Feb 22)
- The Slate breakin Mahmud Rahman (Mar 08)
- Re: The Slate breakin Mahmud Rahman (Mar 08)
- Re: The Slate breakin Jon Miner (Mar 08)
- Re: The Slate breakin Nicholas Garigliano (Mar 08)
- Re: The Slate breakin Ruth Ginzberg (Mar 08)
- Re: Phishing Blog Ed Jalinske (Feb 22)
- Re: The Slate breakin Allan Chen (Mar 08)
- Re: Phishing Blog Hart, Michael (Feb 22)