Hey Folks,

I am a network admin for a school district. Periodically, I send out emails warning about new phishing scams, malicious websites, etc.

I also have an internal web server with examples of scam emails, and a separate site with definitions of security terms and ways to mitigate different attacks. I am trying to take a common sense approach. Basically coaching the users to be very skeptical when it comes to links/attachments in email and social networking sites. [most of which are blocked during school hours, but open up a bit 30 minutes after school lets out].

Are any of you attempting to educate your users? If so, what methods are you using?

It really doesn't matter who you are giving advice to, whether it is users, or your family members... what approaches do you take?

I am just looking for additional ideas here, to cut down on scams making use of social engineering, etc.

Any suggestions, stories, ideas, etc. would be most appreciated.