 |
 |
Back in November, after some MSU email servers were blacklisted because compromised accounts were used to send out spam. I asked the helpdesk what was being done to educate users, in some responses to that request sent out on this list, some people joked about MSU not having funding for such training. Well, I have a response to this: Infraguard, which is a partnership between the FBI, educational institutions, government and corporate entities has free on line "Information Security Training in the Workplace". This training is under their Identity Theft Education Center. Anyone can use the free flash based training modules, the only cost that an individual might have is if they want to take the certification test and get the certificate. That is $25.00. Module 6 and 7 would be specifically applicable to the specific threats that confront MSU and our users on a day to day basis, I was pleasantly surprised how comprehensive the modules are. Feel free to check it out for yourself: http://infragardawareness.com/flash_course/ Hope this helps, Lee Duynslager On 11/3/11 2:27 PM, "Hoort, Brian" <[log in to unmask]> wrote: >At the recent meeting which I mentioned in my first post in this thread, >I jokingly suggested that the users be "educated" by being forced to >enter their password ten times before logging in to their email for a >month after falling for a phish and getting their account compromised. >Unfortunately this capability is not in the IMAP specification. > >A solution has been inspired by Bart Simpson, writing "I will not..." on >his chalk board during the intro of each episode. We could implement >Bart's chalk board. Offenders accounts will be locked daily at midnight, >for 30 days. To unlock it for the day they have to go to >http://chalkboard.msu.edu and successfully type in ten captchas along the >lines of: "I will not provide my password in emails", "I will not >provide my bank account number in an email, ever, even for Nigerian >Princes", or how about: "Lotto does not notify me of winning a contest >for which I did not apply, via email". For repeat offenders we could >randomize the capitalization of each letter in the sentence. > >Well Tom, have you got funding for this? Seems like a no-brainer to me. > ;-) > >Brian Hoort | 517-355-3776 >ANR Technology Services, MSU > > >-----Original Message----- >From: Leo Sell [mailto:[log in to unmask]] >Sent: Thursday, November 03, 2011 12:11 PM >To: [log in to unmask] >Subject: Re: [MSUNAG] blocked from Hotmail > >Lee, >I hope you don't mind that I'm sending your message and my reply to the >list. > >ATS mail team and the Help Desk take a multi-pronged approach. Normally >the inception is when the mail team detects activity that reasonably >indicates a compromised account. At that point they scramble the password >and create a ticket for the HD to further handle. > >Once we get the ticket, we use any existing methods we can find to try >and reach the user regarding their errant situation. When immediate >contact is not made, notations are made on the ticket to make sure that >proper follow up occurs when the user calls back. > >Once we have a compromised user on the phone we take a great deal of >effort to try and ascertain HOW they compromised their credentials, >educate them about how they were tricked and how to avoid a recurrence >with advice such as "do not re-use the same password or any similar >iteration EVER". Once we have counseled the user in this manner, we go on >to advise or remind them how to reset their password. > >Since some users don't pay good attention to our advise and get >recompromised another time or two, either the Help Desk or the mail team >can decide to set the user's status to prevent a password reset until the >Help Desk staff has talked further with the user. This is particularly >used when we have users who never contact us after the password is >scrambled and just reset their password on their own. > >/Leo > > >On 11/3/11 11:44 AM, l duynslager wrote: >> Is there any move within the university to require awareness training of >> those individuals who's accounts are compromised? >> >> Just wondered. These people don't live in a vacuum? Their actions are >> starting to affect other members of the university user community >> negatively. >> >> Thanks, >> >> Lee Duynslager >> >> On 11/3/11 11:39 AM, "Leo Sell"<[log in to unmask]> wrote: > > >-- >Leo Sell >Academic Technology Help Desk >-- >I see in the near future a crisis approaching that unnerves me and cause >me to tremble for safety of my country; corporations have been enthroned, >an era of corruption in High Places will follow, and the Money Power of >the country will endeavor to prolong its reign by working upon the >prejudices of the People, until the wealth is aggregated in a few hands, >and the Republic destroyed. > >ABRAHAM LINCOLN