Re: Phish Hunter

["Chrisinger, Cory A" <CChrisinger () MADISONCOLLEGE EDU>]

Hello,

I mentioned the Phish Hunter service at the Educause SPC.  The service itself is free (sponsored by Microsoft), but 
requires either an A3+Security )365 license or an A5 license.  We are moving to an A5 license as the cost lift from 
A3+Security is negated by eliminating our current AV products. The service partner we were assigned through Microsoft 
was Enabling Technologies, we were very happy with the results.  The secrete sauce is a series of scripts setting up 
various access controls and reporting in your tenant.  Harvard was correct, it’s a 3-4 week engagement, they work with 
your team twice a week tweaking the settings and provide a report at the end.  We feel it made a huge difference in the 
amount of phishing messages being delivered as well as improved our response time to compromised accounts do to the 
reporting.  Please let me know if you have any other questions.


Thank You,

Cory Chrisinger
CISO, CISSP ID#581915
Phone: (608) 243-4575
Email: cchrisinger () madisoncollege edu<mailto:cchrisinger () madisoncollege edu>

Want to discuss a technology project? Please contact me, or complete the Technology Services Project 
Request<https://madisoncollege365.sharepoint.com/sites/pwaprod/Lists/PMO%20Intake%20Form/NewForm.aspx?Source=/sites/pwaprod/Pages/Thank%20you%20for%20your%20request.aspx>
 form, and we’ll talk!


From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> on behalf of Harvard Townsend 
<harvard.townsend () WHEATON EDU>
Reply-To: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU>
Date: Wednesday, June 12, 2019 at 11:01 AM
To: "SECURITY () LISTSERV EDUCAUSE EDU" <SECURITY () LISTSERV EDUCAUSE EDU>
Subject: Re: [SECURITY] Phish Hunter

When we looked into Phish Hunter recently, the third party vendor/partner needed to set up Phish Hunter definitely was 
not free. You pay Microsoft to license the various products included under the Phish Hunter umbrella (I believe there 
are six different products, but it seems like a moving target) and you pay the third party to set it up. They estimated 
a 3-4 week engagement for a basic set-up to integrate/automate the various tools/products. It was not going to be cheap.
Regards,
--
Harvard Townsend
Director of Infrastructure & Security
Academic & Institutional Technology
Wheaton College, IL
Office: (630)752-5528

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Casanova, Jodi
Sent: Wednesday, June 12, 2019 9:52 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Phish Hunter

Good morning! I attended EduCause Security Professionals Conference in Chicago last month.  At the session titled Stop 
Worrying About Compromised Accounts: O365 Enhanced Security Tools, Phish Hunter was mentioned. There was a member of 
the audience who stated there is a program where Microsoft will have a partner work with a campus to configure Phish 
Hunter. I could have sworn he said “for free”, but I may have been hearing what I wanted to hear. ☺  Does anyone recall 
this or have additional information?

Thank you!

Jodi Casanova
Chief IT Security Officer
Director of Networking/Technical Services
Northern State University
Office    605.626.2564
Cell         605.380.2168