The Phish Bowl: Managing the Phishing Frenzy at Brown University

In August 2013, Brown experienced a significant surge in phishing e-mail, resulting in confused recipients, compromised accounts and identities, and staff inundated with questions. It became clear that a standardized incident response was needed to defend against these ongoing attacks. The Information Security Group worked with CIS's communications, the service center, and web groups to create the Phish Bowl and its supporting response procedures. In August 2014, ISG launched the Phish Bowl campaign, inviting the Brown community to "SPOT the Phish 2 STOP the Phish." This presentation will outline the new procedures, present examples from the campaign, and demonstrate the Phish Bowl.

OUTCOMES: Learn how to leverage the presented model to create a basic "phishing central" and its supporting procedures to manage phishing * Learn how to plan an awareness campaign to empower and engage your users in helping thwart phishing attacks