Educause Security Discussion mailing list archives

Phishing Links


From: James Farr '05 <jfarr () UTICA EDU>
Date: Wed, 7 Jul 2010 14:05:41 -0400

It is hard to educate some users on the difference between legitimate and
phony web links in email, and it is easy enough to fake a website.  For that
reason I would like to propose that no official college communication is
sent with an active link in it.

Problems,

Some clients while trying to be helpful make links clickable that I do not
want clickable.

Links can be inserted as a picture, but not all clients show pictures by
default.

We can give directions to a website, in order to check your mail go to our
homepage, click on login and select webmail, but some users cannot/will not
follow those instructions.

 

Would this solution cause more harm than good?

 

What are your thoughts/rules?

 

IITS will never ask you for your password.  Never email your password to
anyone.

 

James Farr

Information Security Officer

Instructional Technologist

Utica College

 <mailto:jfarr () utica edu> jfarr () utica edu

315-223-2386

 

 


Current thread: