Educause Security Discussion mailing list archives

Re: Phishing take down notices.

From: "Haas, Mike" <mhaas () LRHSD ORG>
Date: Wed, 21 Jun 2017 19:27:06 +0000

I submit it to google "report phishing page" , send an email to the US-CERT report phishing site email alias and also
submit it to our AV vendor

Sent from my iPhone
-------------------------
Michael Haas
Information Technology Coordinator
Lenape Regional High School District

On Jun 21, 2017, at 15:21, Ford, Bryan <bryan.ford () NDUS EDU<mailto:bryan.ford () NDUS EDU>> wrote:

How are you reporting a takedown notice for a phishing site. Presently we have no standard for takedown notices. We
will notify the Domain owner most times, but it seems to take them sometime to do it.
I know there is phishing reporting sites for just about every vender out there. I tried Phishtank and the voting thing
in my very novice view is clunky at best. Is anyone a member of APWG and a phishing reporter ?
If so any wisdom on how it works. I see there a site in the APWG where you can report phishing but you also need the
header information, 90 % of the time we don't get when a user reports phishing.
We have been playing with the Netcraft toolbar extension and like the end user ability to report phishing directly, but
we are just evaluating it. I am in the belief that most anti phishing venders
use a feed from at least one organization to populate their databases. Forgive me if this has be addressed but I could
not find anything in Educause on this subject.

Sincerely

Bryan

Bryan Ford
Information Security
NORTH DAKOTA
University System
Core Technology Services
4349 James Ray Drive
Grand Forks, ND 58203
701.777.6484 (o)
cts.ndus.edu<http://cts.ndus.edu>

********************************************************** This electronic transmission and any documents transmitted
as attachments contain information from the Lenape Regional High School District that may be proprietary, confidential
and/or privileged under state or federal law. The information is intended for the sole use of the individual(s) or
entity named above. The individual(s) or entity named above as the receipt of this information is expressly prohibited
from disclosing this information to any other party unless required to do so by state or federal law or regulation. If
you are not the intended recipient, be aware that any disclosure, copying or distribution or use of the contents of
this electronic transmission and any document attachments is expressly prohibited. If you have received this electronic
transmission in error, please notify the sender immediately by replying to the address listed above and delete or
destroy all copies of the original electronic transmission. The Lenape Regional High School District does not ensure
that any electronic transmission of health or educational information will be secure or virus-free, and the sender does
not accept liability for any errors or omissions, viruses or security breaches which may arise as a result of this
electronic transmission.vstaff20051130

Current thread:

Phishing take down notices. Ford, Bryan (Jun 21)
- Re: Phishing take down notices. Haas, Mike (Jun 21)
- Re: Phishing take down notices. Keith Hartranft (Jun 21)
  - Re: Phishing take down notices. Ford, Bryan (Jun 22)
- Re: Phishing take down notices. Joel Anderson (Jun 21)
- Re: Phishing take down notices. Philip Webster (Jun 21)