Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: New e-mail attack using valid webmail accounts

From: Zach Jansen <zjanse20 () CALVIN EDU>
Date: Mon, 10 Mar 2008 10:08:42 -0400
When we saw this a few weeks ago it was a targeted attack. We received two rounds of phishing emails targeting our 
institution that were soliciting usernames and passwords. The phishing email itself was generic (Dear user) and had 
pretty poor grammar and spelling. It appeared to be one of two email that this particular attacker was using to gather 
accounts and the only part that changed was which "service team" the email was forged  from. Anyone using a webmail 
account who responded had their account abused to send further phishing emails as well as various types of scam emails. 

Zach


On 3/7/2008 at 3:26 PM, in message

<0339279484D4314F90BBD1775E1F1EB905E1DD0A () cnex huc int>, "Bruggeman, John"
<jbruggeman () HUC EDU> wrote:

Did you find out what account was compromised or who was sending the
spam?  What I'm wondering is if the attack was random or if someone
targeted your site?
Previous By Date Next
Previous By Thread Next

Current thread: