Educause Security Discussion mailing list archives
Re: Example of WMF Exploit SPAM Targetting Schools?
From: "H. Morrow Long" <morrow.long () YALE EDU>
Date: Thu, 5 Jan 2006 18:34:53 -0500
We weren't very happy that Mikko put that particular email message with our domain name in it on F-Secure's public weblog. The sender email address is forged and the content and name at the bottom are completely fictional. We received many spam and other complaints -- primarily from recipients in the UK. Examination of the email headers revealed that most of the email messages also originated (surprisingly enough) from UK ISP IP addresses. Comcast took the webpage with WMF exploit on it down quickly. Morrow On Jan 5, 2006, at 5:50 PM, Gary Flynn wrote:
I thought you might find this interesting. I plan to incorporate it into some awareness presentations as an example of mildly targeted social engineering: http://www.f-secure.com/weblog/archives/archive-012006.html#00000768 I seem to remember some other type of virus or fraud using a similar message in the past regarding campus vandalism. It was also interesting that it also tried exploiting Firefox. http://www.frsirt.com/exploits/20060101.mozilla_compareto.pm.php -- Gary Flynn Security Engineer James Madison University www.jmu.edu/computing/security
Current thread:
- Example of WMF Exploit SPAM Targetting Schools? Gary Flynn (Jan 05)
- <Possible follow-ups>
- Re: Example of WMF Exploit SPAM Targetting Schools? H. Morrow Long (Jan 05)
- Re: Example of WMF Exploit SPAM Targetting Schools? Gary Flynn (Jan 05)
- Re: Example of WMF Exploit SPAM Targetting Schools? Barbara Chung (DURTSCHI) (Jan 06)
- Re: Example of WMF Exploit SPAM Targetting Schools? Russell Fulton (Jan 09)
- Re: Example of WMF Exploit SPAM Targetting Schools? David Gillett (Jan 10)