On Nov 5, 2012, at 9:05 AM, Andrew Hendrickson wrote:
> I believe that identifying the page as "non UVM" will be the issue in these cases. Many of our users do not look at URLs and do not understand what the URL means.
Yes, that's a challenge. One message contained an explicit URL, but "weblogin.uvm.edu" was part of it. The other message had "Click Here". So we have to teach people to (1) hover their cursors over links to see what they really are, and (2) recognize the server part of a URL. In sessions I've taught, I've been pleasantly surprised that in a group of 6-12 people, at least one or two people know these techniques — but that, of course, leaves plenty of people who don't.
Perhaps more encouraging, many people, even those who don't know how to check out a link in email, can still smell a phish, and know to ignore or delete without fully analyzing it.
I think the other step we as IT professionals could teach our students, faculty, and staff, is to change one's password immediately upon having a suspicion that one has just fallen for a phish. When I ask what to do in that situation, lots of people will say, "contact you", but then we talk about the best first step being to change one's password and shut out the criminals before they can use and abuse one's account.
The fact that UVM has 2500+ new email users every fall certainly works to phishers' advantage. We need to educate this group early on (and we need more safe computing instruction in K-12!). We're getting closer to being able to "offer" video-based education in this area, and I see incoming students, faculty, and staff as the primary audience.
Does anyone have successful educational strategies they could share?
> On Nov 5, 2012, at 9:01 AM, Dean Williams <[log in to unmask]> wrote:
>> Good morning, all.
>> ETS has published an alert for two phishing scams reported over the weekend.
>> Both include links to the same Romanian phishing web site, and both appear to come from uvm.edu email addresses. One addresses people with their [log in to unmask] email addresses, and one includes a nice graphic for "The University of Vermont." Although those tactics can be convincing, I think the best advice for our non-IT students and colleagues is that UVM will never ask anyone to enter his or her Net-ID and password on a non-UVM web page.
>> Thanks to those who reported these phish to us. Fortunately, the phishing site seems to be down at the moment.
>> -Dean Williams
> Andrew Hendrickson
> CAS IT Administrator
> UVM, College of Arts & Sciences
> 438 College Street #206
> Burlington, VT
> 802-656-4529 (fax)
> [log in to unmask]
> To submit a request for service please use:
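
The "recognize the server part of a URL" check discussed in this thread, as an added example that is not part of the original messages: it lists every link in an HTML message with the host a browser would really contact and whether that host belongs to the trusted domain. The sample message, the example.org and example.net hosts, and the function names are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED_SUFFIX = "uvm.edu"  # assumption: the organisation's registered domain

def server_part(url):
    """Return the lower-cased host a browser would actually connect to."""
    host = urlsplit(url).hostname or ""
    return host.rstrip(".").lower()

def is_trusted(url, suffix=TRUSTED_SUFFIX):
    """True only if the host is the trusted domain or a subdomain of it."""
    host = server_part(url)
    return host == suffix or host.endswith("." + suffix)

class LinkAudit(HTMLParser):
    """Collect (visible text, href) pairs from an HTML message body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None

def audit(html):
    """Return (text, real host, trusted?) for every link in the message."""
    parser = LinkAudit()
    parser.feed(html)
    return [(text, server_part(href), is_trusted(href)) for text, href in parser.links]

# Constructed sample: the trusted name appears in the path, as a subdomain
# prefix, and as URL userinfo; only the last link really points at uvm.edu.
SAMPLE = """
<p>Mailbox full. <a href="http://example.org/weblogin.uvm.edu/login">Click Here</a></p>
<p><a href="http://weblogin.uvm.edu.example.net/">http://weblogin.uvm.edu/</a></p>
<p><a href="https://weblogin.uvm.edu@example.org/">UVM login</a></p>
<p><a href="https://weblogin.uvm.edu/login">Real login</a></p>
"""

if __name__ == "__main__":
    for text, host, ok in audit(SAMPLE):
        print(f"{'ok     ' if ok else 'SUSPECT'}  {host:28}  shown as: {text}")
```

The check compares the whole host against the trusted suffix on a label boundary, so a name that merely contains or ends with the string "uvm.edu" is still reported as suspect.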