Educause Security Discussion mailing list archives
Re: More spear phishing + vishing
From: "Jenkins, Matthew" <matthew.jenkins () FAIRMONTSTATE EDU>
Date: Fri, 4 Jul 2008 12:29:11 -0400
Thanks Julie for posting this. I had mentioned to others here at our university several months ago that attackers would end up using phone calls once we blocked the e-mail avenue. We had seen e-mails telling people to call automated numbers but, to my knowledge, have not received any automated calls or SMS messages. Has anyone had any attacks that solicit campus account information via phone that you are aware of? Matt Matthew Jenkins Network/Server Administrator Fairmont State University Visit us online at www.fairmontstate.edu <https://fsmail.fairmontstate.edu/exchweb/bin/redir.asp?URL=http://www.fairmontstate.edu/> ________________________________ From: The EDUCAUSE Security Constituent Group Listserv on behalf of Fugett, Julie C Sent: Thu 7/3/2008 10:48 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] More spear phishing + vishing I just wanted to add that these people (I use the term loosely) are now text messaging members of the Lawrence and KU communities. We're keeping people updated via our blog, among other places. The entry is here: http://www2.ku.edu/~privacy/cgi-bin/mydrupal/?q=node/91 -Julie ________________________________ From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Fugett, Julie C Sent: Monday, June 30, 2008 4:30 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] More spear phishing + vishing I wanted to share this as it may be arriving soon at a community near you. KU and the Lawrence community were hit by a hybrid phishing and vishing (voice phishing) attack over the weekend. Residents received calls Saturday night. The calls do not appear to be limited to just members of the KU community--my theory is they were wardialing through all the local exchanges. I had a message on my machine from about 10pm, but according to the paper some people were called as late (early?) as 1:30-2am. It appeared that the group doing the calling may have followed up with e-mails as well. http://www2.ljworld.com/news/2008/jun/30/beware_fraudulent_callers_soliciting_personal_info/ <http://www2.ljworld.com/news/2008/jun/30/beware_fraudulent_callers_soliciting_personal_info/> -Julie ____________________________________________ Julie C. Fugett, CISSP, CCE Information Security Analyst IT Security Office, A division of Information Services The University of Kansas http://www.security.ku.edu <http://www.security.ku.edu/> http://www.beseKUre.ku.edu <http://www.besekure.ku.edu/>
Current thread:
- Re: More spear phishing + vishing Fugett, Julie C (Jul 03)
- <Possible follow-ups>
- Re: More spear phishing + vishing Jenkins, Matthew (Jul 04)
- Re: More spear phishing + vishing Fugett, Julie C (Jul 04)