 |
 |
At the recent meeting which I mentioned in my first post in this thread, I jokingly suggested that the users be "educated" by being forced to enter their password ten times before logging in to their email for a month after falling for a phish and getting their account compromised. Unfortunately this capability is not in the IMAP specification. A solution has been inspired by Bart Simpson, writing "I will not..." on his chalk board during the intro of each episode. We could implement Bart's chalk board. Offenders accounts will be locked daily at midnight, for 30 days. To unlock it for the day they have to go to http://chalkboard.msu.edu and successfully type in ten captchas along the lines of: "I will not provide my password in emails", "I will not provide my bank account number in an email, ever, even for Nigerian Princes", or how about: "Lotto does not notify me of winning a contest for which I did not apply, via email". For repeat offenders we could randomize the capitalization of each letter in the sentence. Well Tom, have you got funding for this? Seems like a no-brainer to me. ;-) Brian Hoort | 517-355-3776 ANR Technology Services, MSU -----Original Message----- From: Leo Sell [mailto:[log in to unmask]] Sent: Thursday, November 03, 2011 12:11 PM To: [log in to unmask] Subject: Re: [MSUNAG] blocked from Hotmail Lee, I hope you don't mind that I'm sending your message and my reply to the list. ATS mail team and the Help Desk take a multi-pronged approach. Normally the inception is when the mail team detects activity that reasonably indicates a compromised account. At that point they scramble the password and create a ticket for the HD to further handle. Once we get the ticket, we use any existing methods we can find to try and reach the user regarding their errant situation. When immediate contact is not made, notations are made on the ticket to make sure that proper follow up occurs when the user calls back. Once we have a compromised user on the phone we take a great deal of effort to try and ascertain HOW they compromised their credentials, educate them about how they were tricked and how to avoid a recurrence with advice such as "do not re-use the same password or any similar iteration EVER". Once we have counseled the user in this manner, we go on to advise or remind them how to reset their password. Since some users don't pay good attention to our advise and get recompromised another time or two, either the Help Desk or the mail team can decide to set the user's status to prevent a password reset until the Help Desk staff has talked further with the user. This is particularly used when we have users who never contact us after the password is scrambled and just reset their password on their own. /Leo On 11/3/11 11:44 AM, l duynslager wrote: > Is there any move within the university to require awareness training of > those individuals who's accounts are compromised? > > Just wondered. These people don't live in a vacuum? Their actions are > starting to affect other members of the university user community > negatively. > > Thanks, > > Lee Duynslager > > On 11/3/11 11:39 AM, "Leo Sell"<[log in to unmask]> wrote: -- Leo Sell Academic Technology Help Desk -- I see in the near future a crisis approaching that unnerves me and cause me to tremble for safety of my country; corporations have been enthroned, an era of corruption in High Places will follow, and the Money Power of the country will endeavor to prolong its reign by working upon the prejudices of the People, until the wealth is aggregated in a few hands, and the Republic destroyed. ABRAHAM LINCOLN