Educause Security Discussion mailing list archives
Re: .edu email phishing
From: Jesse Thompson <jesse.thompson () DOIT WISC EDU>
Date: Wed, 2 Apr 2008 14:36:18 -0500
Someone has already contributed a script to import the addresses into a BIND zone for DNSBL queries. I have a script you can use to scan your outbound mail logs which I'll upload soon. You're welcome to contribute your own scripts that serve other functions. Let me know your gmail username and I can make you a member. Jesse Winders, Timothy A wrote:
Thanks, Jesse. I see that you are the owner of that project. Is there a way to automatically incorporate that list into anti-X products? In my case specifically, we use the Barracuda antivirus appliance. While I can manually enter the email addresses, keeping it updated and current over time seems a monumental task. Tim Winders | Associate Dean of Information Technology | South Plains College-----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jesse Thompson Sent: Wednesday, April 02, 2008 9:12 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] .edu email phishing http://code.google.com/p/anti-phishing-email-reply/ Jesse Jimmy Kuo wrote:Was this a directed (against caltech.edu) attack or was this one of a family sent to other .edu lists? Has anyone seen one like this for their school? The return address was actually set up for: ask.helpdesk0 () gmail com Jimmy----- Original Message ----- From: "ADMIN HELPDESK" <helpdesk () caltech edu> To: <undisclosed-recipients:> Sent: Monday, March 31, 2008 12:39 PM Subject: VERIFY YOUR CALTECH.EDU EMAIL ACCOUNT NOW. Dear caltech.edu Email Account Owner, This message is from caltech.edu messaging center to allcaltech.eduemail account owners. We are currently upgrading our data base and e-mail account center. We are deleting all unused caltech.edu email accounts to create more space for new accounts. To prevent your account from being closed, you will have to updateitbelow so that we will know that it's a present used account. CONFIRM YOUR EMAIL IDENTITY BELOW Email Username : .......... ..... EMAIL Password : ................ Date of Birth : ................. Country or Territory : .......... Warning!!! Account owner that refuses to update his or her account within Seven days of receiving this warning will lose his or her accountpermanently.Thank you for using caltech.edu Warning Code:VX2G99AAJ caltech.edu Team www.caltech.edu Dear caltech.edu Email Account Owner, This message is from caltech.edu messaging center to allcaltech.eduemail account owners. We are currently upgrading our data base and e-mail account center. We are deleting all unused caltech.edu email accounts to create more space for new accounts. To prevent your account from being closed, you will have to updateitbelow so that we will know that it's a present used account. CONFIRM YOUR EMAIL IDENTITY BELOW Email Username : .......... ..... EMAIL Password : ................ Date of Birth : ................. Country or Territory : .......... Warning!!! Account owner that refuses to update his or her account within Seven days of receiving this warning will lose his or her accountpermanently.Thank you for using caltech.edu Warning Code:VX2G99AAJ caltech.edu Team www.caltech.edu-- Jesse Thompson Email/IM: jesse.thompson () doit wisc edu
-- Jesse Thompson Email/IM: jesse.thompson () doit wisc edu
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- Re: .edu email phishing, (continued)
- Re: .edu email phishing Jimmy Kuo (Apr 01)
- Re: .edu email phishing Brewer, Alex D (Apr 01)
- Re: .edu email phishing Lesli Sagan (Apr 01)
- Re: .edu email phishing Michael Behun (Apr 01)
- Re: .edu email phishing Zach Jansen (Apr 01)
- Re: .edu email phishing Dick Jacobson (Apr 02)
- Re: .edu email phishing Theresa Semmens (Apr 02)
- Re: .edu email phishing Jesse Thompson (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Christopher Webber (Apr 02)
- Re: .edu email phishing Jesse Thompson (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Jesse Thompson (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Dave Koontz (Apr 02)
- Re: .edu email phishing Jeffrey I. Schiller (Apr 02)
- Re: .edu email phishing Mike Iglesias (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Dave Koontz (Apr 02)
- Re: .edu email phishing Martin Manjak (Apr 03)