How to help your messages not look too risky to read


Maybe you’ve thought it yourself: That message in my inbox is probably legitimate, but it looks like phishing. Campuses are well aware of the dilemma of sending emails that resemble the scams they often warn against. Fortunately, a few simple measures can help those messages look legitimate.

Petr Brym, assistant chief information security officer for UC Davis, will join an Educause online panel from noon to 1 Wednesday, Feb. 21, that discusses those measures in “How to Avoid Making Legitimate Campus Messages Look Phishy.” (Attending is free; for details, scroll down to the HEISC Online Events section on the Educause website.)

Brym says he’ll talk about “sending clean messages; registering [your] messages on a known or authenticated website, like UC Davis does; not forgetting about vishing [phone call phishing] and other venues by which fraudulent activity takes place; and standard disclaimers that can be put into e-mail messages to help the recipient distinguish legitimate from potentially fraudulent messages.”

The seminar will highlight concepts that are promising, if not new. “Not every phishing mitigation method works the same way,” he says. “Institutional culture and other local factors can influence which methods can help the most, and we want to generate dialogue about realistic scenarios.”

Brym joined UC Davis last November. He has worked as an IT director at the University of New Hampshire and UC Berkeley, and his last job before coming here was IT chief security officer for Student Affairs at Cal. He is a member of the Higher Education Information Security Council for Educause.

Other members of the panel are HEISC colleagues Valerie Vogel, Patricia Clay and Edward Hudson.