Educause Security Discussion mailing list archives

Detecting phishing messages


From: Erik D Evans <evanse () BGSU EDU>
Date: Fri, 5 Jan 2018 13:50:34 +0000

All,

We're currently in the process of implementing Cisco Email Security for our O365 environment.  During this process we 
have been discussing some additional steps we would like to take to help warn and educate our users about phishing.  
One thing we are considering is setting up a dictionary containing common words we see in phishing messages such as the 
one I have included below.  We regularly see words such as kindly, verify, validate, important, urgent, account, etc... 
 What we would like to do with this is if we see a message that has more than one of these words, AND a link to an 
external web site - prepend a warning to the message and make the URL unclickable.  However, we have some concern about 
how many false positives we will get with this approach.

My question is, have any other schools taken a similar approach to flag messages based on keywords like this?  If so, 
would you be willing to share what keywords you are matching on and speak to how many false positives you typically run 
into?


Thanks,

_______________________
Erik Evans
Information Security Analyst
Information Technology Services
Bowling Green State University
evanse () bgsu edu
http://www.bgsu.edu/infosec

This e-mail, including any attachments, may contain information that is protected by law as privileged and 
confidential, and is transmitted for the sole use of the intended recipient.  If you are not the intended recipient, 
you are hereby notified that any use, dissemination, copying or retention of this e-mail or the information contained 
herein is strictly prohibited.



***********************************************************


Dear BGSU E-mail User,



We noticed some of your pending in-coming E-mails in our system due to lack of our recent up-date which may lead to 
permanent delete of your account from our data-base. Kindly take a minute to complete our up-date below, Click

***link removed***

Help us protect your account from malicious activities.

Regards.

Thanks for your co-operation.



BGSU IT Email Team,

BGSU Support Help Desk,

(c) Copyright 2017 Bowling Green State University
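
The rule proposed in the message above (more than one dictionary word AND an external link, then prepend a warning and make the URL unclickable), sketched as an added example that is not part of the original post and is not Cisco Email Security configuration. The internal domain suffix, the warning text, the defanging style and all three sample messages are assumptions constructed for illustration; the second sample shows the false-positive case the post is concerned about.

```python
import re

# Keywords are the ones named in the post; everything else here is assumed.
KEYWORDS = {"kindly", "verify", "validate", "important", "urgent", "account"}
INTERNAL_SUFFIXES = ("bgsu.edu",)  # assumption: hosts treated as internal
WARNING = "[CAUTION: phishing-style wording plus a link to an external site]"
URL_RE = re.compile(r"https?://([^/\s:>\"']+)[^\s>\"']*", re.IGNORECASE)
WORD_RE = re.compile(r"[a-z]+")

# Constructed sample messages (the URLs are placeholders, not real indicators).
PHISH = ("We noticed some of your pending in-coming E-mails in our system. "
         "Kindly take a minute to complete our up-date below, Click\n"
         "http://mail-update.example/login\n"
         "Help us protect your account from malicious activities.")
BENIGN_EXTERNAL = ("Important: please verify your account details for "
                   "conference registration at https://events.example.org/register")
BENIGN_INTERNAL = ("Urgent: validate your account settings before Friday at "
                   "https://www.bgsu.edu/infosec today")


def is_external(host):
    """True when the host is not an internal domain or one of its subdomains."""
    host = host.lower().rstrip(".")
    return not any(host == s or host.endswith("." + s) for s in INTERNAL_SUFFIXES)


def defang(url):
    """Break the scheme and the dots so mail clients do not auto-link the text."""
    return "hxxp" + url[4:].replace(".", "[.]")


def screen(body):
    """Apply the rule; return (flagged, matched_keywords, possibly_rewritten_body)."""
    hits = sorted(KEYWORDS & set(WORD_RE.findall(body.lower())))
    has_external = any(is_external(m.group(1)) for m in URL_RE.finditer(body))
    if len(hits) < 2 or not has_external:
        return False, hits, body
    rewritten = URL_RE.sub(
        lambda m: defang(m.group(0)) if is_external(m.group(1)) else m.group(0),
        body)
    return True, hits, WARNING + "\n\n" + rewritten


if __name__ == "__main__":
    for name in ("PHISH", "BENIGN_EXTERNAL", "BENIGN_INTERNAL"):
        flagged, hits, _ = screen(globals()[name])
        print(f"{name}: flagged={flagged} keywords={hits}")
```

Replaying a sample of already-delivered legitimate mail through `screen` and counting how many messages are flagged gives a false-positive estimate before any rule is enforced at the gateway.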



