Educause Security Discussion mailing list archives
Re: Phishing, compromised account and SPAM
From: Mally Mclane <mally.mclane () BRISTOL AC UK>
Date: Wed, 2 Apr 2014 21:47:39 +0100
Hi, I think a problem we have (without any evidence to back it up..) that we promoted Postini and Gmail to be so good at blocking things that when stuff does get through, it's almost viewed by some as genuine, because it wasn't blocked... Mally On 2 Apr 2014 21:42, "Banks, Teresa E - (tbanks)" <tbanks () email arizona edu> wrote:
Phishing is truly the bane of our existence. One thing we recently did was set up an RSS feed phishing alert (hxxp:// security.arizona.edu/phishing-alerts.xml). It has helped increase the number of reports our office is getting, and also provides us an extra opportunity to give our users information on recognizing a phish. We have devoted a lot of printed materials to the issue, warnings, awareness presentations, etc. Our last newsletter was completely dedicated to phishing. You can find it at hxxp://security.arizona.edu/securecat-courier. I'm sure there are other good ideas out there as well. Believe me, I sympathize. . . . *Teresa E. Banks* Manager, Information Security & Compliance Programs University of Arizona Information Security tbanks () email arizona edu Phone: 520.621.8476 *From:* The EDUCAUSE Security Constituent Group Listserv [mailto: SECURITY () LISTSERV EDUCAUSE EDU] *On Behalf Of *Rob Tanner *Sent:* Wednesday, April 02, 2014 1:20 PM *To:* SECURITY () LISTSERV EDUCAUSE EDU *Subject:* [SECURITY] Phishing, compromised account and SPAM Hi, We are seeing an increase in phishing expeditions as well as a more significant increase in those who fall for them and give their password away. We've tried everything we can think of to educate faculty and staff to the fact that ITS never, ever asked them to revalidate their account by entering their username and password. But it still continues to happen and it looks like what folks are after is an account they can send SPAM through. If it's in the middle of a week-day we catch it pretty early , but evenings and especially week-ends, thousands of email messages with between 40 and 50 recipients each are sent out before we can kill it. So, we are constantly getting on blacklists. I can't imagine that Linfield College is alone in this situation. What are others doing to mitigate the consequences or better yet, prevent from occurring in the first place. Thanks. *Rob Tanner* UNIX Services Manager Linfield College, McMinnville Oregon *ITS will never ask you for your password. Please don't share yours with anyone!*
Current thread:
- Phishing, compromised account and SPAM Rob Tanner (Apr 02)
- Re: Phishing, compromised account and SPAM Banks, Teresa E - (tbanks) (Apr 02)
- Re: Phishing, compromised account and SPAM Mally Mclane (Apr 02)
- Re: Phishing, compromised account and SPAM JR Ramirez (Apr 02)
- Re: Phishing, compromised account and SPAM Kevin Wilcox (Apr 03)
- Re: Phishing, compromised account and SPAM Mally Mclane (Apr 02)
- Re: Phishing, compromised account and SPAM Banks, Teresa E - (tbanks) (Apr 02)
- Re: Phishing, compromised account and SPAM Roger A Safian (Apr 02)
- Re: Phishing, compromised account and SPAM Pollock, Joseph (Apr 02)
- Re: Phishing, compromised account and SPAM Eric Schewe (Apr 02)
- Re: Phishing, compromised account and SPAM JR Ramirez (Apr 02)
- Re: Phishing, compromised account and SPAM Roger A Safian (Apr 02)
- Re: Phishing, compromised account and SPAM JR Ramirez (Apr 02)
- Re: Phishing, compromised account and SPAM Roger A Safian (Apr 02)
- Re: Phishing, compromised account and SPAM JR Ramirez (Apr 02)
- Re: Phishing, compromised account and SPAM Roger A Safian (Apr 02)