The Office of Information Security has requested that we change our current process for reporting spam and phishing. We’ll now be forwarding the spam/phishing message, along with the headers, to either firstname.lastname@example.org or email@example.com respectively. The abuse list (firstname.lastname@example.org) is now only going to be used for people trying to contact us from external companies or other educational institutions.
The security team needs the full email sent- just sending the headers is not adequate, as they are using some external tools and mechanisms require more information. There are two ways to address this:
Option 1 [Easier for everyone]: Have the customer forward the email as an attachment to the appropriate address above, using the instructions found at http://oregonstate.edu/helpdocs/safety-and-security/computer-viruses-fraud/blocking-e-mail-spam/reporting-spam-phishing.
Option 2: Once we’ve verified that the customer has forwarded the email to us as an attachment, we can move the ticket to the “Info Security Office” queue.
For the purposes of this process, Phishing is defined as email asking for login credentials or for linking to go to a site that asks for login credentials; otherwise it’s considered spam.