Main Nav

I am sure many of you have experienced the phishing scams hosted on Google spreadsheets. While we report these scams to Google through the Report Abuse link, it seems that the time it takes for Google to remove the phishing site varies significantly. While some links are taken down almost immediately, others stay active for days, if not weeks after multiple reports through the abuse link. 

Also, this maybe coincidence, but I have realized that some of the phishing links hosted on EDU's Google Apps often takes longer for Google to resolve than others. Has anyone noticed the same pattern, and does anyone have any tips on how to escalate these cases when Google fails to respond to the abuse report? Thank you.

Dan Han
Information Security Officer
Virginia Commonwealth University

Comments

It is quite possible that when you report abuse on a Google Apps domain that the complaint is forwarded to the customer (University) for handling. I wouldn't be surprised if there was some variability there.

Frankly, if I were to host a Google Apps Domain (I do, but not for a whole campus) I would want Google to talk to me before removing any contact from my space. There is a trade-off here between having quick response and having Google act as our overlord. I don't believe we really want the later!

-Jeff

I just told someone this morning when they reported a phish message with a Google spreadsheet link, that I'm glad to see Google links in phish messages because they don't deliver malware and they have a "report abuse" link right on the form.  But I hate Google spreadsheet forms because it seems like all of them are password collection pages and so the "service" from Google does more harm than good.

It also seems like Google should have the tools and capacity to intervene automatically when someone makes a form that looks like a password collector.  Or they could send us the entries for our domain when they decide to respond to an abuse complaint.


Bob Bayn              (435)797-2396           IT Security Team
Office of Information Technology,     Utah State University
    three common hazardous email scams to watch out for:
     1) "phishing" for your email password
     2) unfamiliar transaction report from familiar business
     3) attachment with no explanation in the message body

I agree that Google should notify Google Apps administrators and perhaps even delegate certain management rights, such as disabling a form hosted within the institution, to the local Google Apps admin, but do we know whether if Google actually notifies App administrators of affected institutions, or whether if the local Google Apps admins have these management capabilities? We are fairly new to Google Apps here, any Google Apps veterans care to chime in? Thanks.

-Dan

Dan Han
Information Security Officer
Virginia Commonwealth University

Let me know when you get a live person on the phone at Google, that feat alone is worth mentioning in my experience!

Tracy


On Jul 21, 2012, at 2:49 AM, Dan Han wrote:

I agree that Google should notify Google Apps administrators and perhaps even delegate certain management rights, such as disabling a form hosted within the institution, to the local Google Apps admin, but do we know whether if Google actually notifies App administrators of affected institutions, or whether if the local Google Apps admins have these management capabilities? We are fairly new to Google Apps here, any Google Apps veterans care to chime in? Thanks.

-Dan

Dan Han
Information Security Officer
Virginia Commonwealth University

Google called us to see if we needed help with our migration. Then, not too long ago, there was a problem with email delivery and I was able to call phone support and talk to someone within 10 minutes. I have had very good experiences with their support. 

Jacob Steelsmith
Information Technology
Everett Community College
425-259-8707

Please take a minute to help us improve our IT service by completing the IT Feedback Survey. http://goo.gl/ymrXS



  I saw my first example of this last week  Which was technically interesting, but not, I think, as much a cause for concern quite so much as the extent to which it, and another phishing email received today, have clearly been crafted based on information on our public-facing web pages, to achieve new levels of verisimilitude.  (One, for instance, made use of a slang term whose local use is, as far as I know, unique....)

  SOMEBODY (perhaps multiple somebodies) has begun putting unprecedented time and effort into trying to look legitimate to our employees.  That can't be good.

David Gillett
CISSP CCNP

Close
Close


Annual Conference
September 29–October 2
View Proceedings

Events for all Levels and Interests

Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.

Close

Digital Badges
Member recognition effort
Earn yours >

Career Center


Leadership and Management Programs

EDUCAUSE Institute
Project Management

 

 

Jump Start Your Career Growth

Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.

 

Close
EDUCAUSE organizes its efforts around three IT Focus Areas

 

 

Join These Programs If Your Focus Is

Close

Get on the Higher Ed IT Map

Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
 

 

Close

2014 Strategic Priorities

  • Building the Profession
  • IT as a Game Changer
  • Foundations


Learn More >

Uncommon Thinking for the Common Good™

EDUCAUSE is the foremost community of higher education IT leaders and professionals.