Home page logo

educause logo Educause Security Discussion mailing list archives

Mitigating Phishing Attacks
From: Christopher Jones <Christopher.Jones () UFV CA>
Date: Wed, 14 Nov 2012 20:04:24 +0000

We have experienced a number of targeted phishing attacks recently.  Because the most recent phish led its victims to 
provide their network credentials via a realistic looking OWA logon page, we took the following steps to deal with some 
resultant compromised accounts:

*         immediately reset the passwords for the affected accounts,

*         restarted, the IIS service to stop any active webmail sessions

*         alerted the user community

It got me to wondering how other institutions deal with similar situations where user accounts have been compromised.  
If anyone would care to share, I would be interested how you have handled similar situations. It would be useful to 
know your top 3 strategies for preventing and mitigating such occurrences.  Thanks.

Christopher Jones
IT Security Analyst
University of the Fraser Valley
Christopher.Jones () ufv ca<mailto:Christopher.Jones () ufv ca>

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]