Educause Security Discussion mailing list archives
Re: jimdo(.)com surges ahead of webs(.)com as a favorite of phishers.
From: Roger A Safian <r-safian () NORTHWESTERN EDU>
Date: Fri, 30 Aug 2013 14:44:30 +0000
FWIW, Yola has been the favorite here, at least this week. We're testing a new process, whereby we prepend some text to message that arrive and have URL's to these domains AND certain keywords. Maybe we can get people to pause a second before they click on the links. From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Bob Bayn Sent: Friday, August 30, 2013 9:39 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] jimdo(.)com surges ahead of webs(.)com as a favorite of phishers. My overnight collection of new phishing links has put jimdo(.)com well ahead of webs(.)com as the host of choice for phish links today. Here's my overnight list: upgreadeyourmailbox.jimdo(.)com dearuserupgreade.jimdo(.)com email-reactivitionlinkaccess.jimdo(.)com itsaccountvalidationprocess.jimdo(.)com routineformaintenance.jimdo(.)com web-adstrator.jimdo(.)com mailboxaccessweb.jimdo(.)com wbactieve.jimdo(.)com staffloginitsupportupgrade2013.jimdo(.)com dutchwebpage.webs(.)com gameonefor.webs(.)com e-mailusers.webs(.)com webcleanup.webs(.)com staffstudentfacaultymailboxcleanup.webs(.)com faculty-staff111.yolasite(.)com verificatinform.yolasite(.)com I have reported all of them to their respective services. Webs(.)com is getting real good about acting on abuse reports quickly - often within a few minutes. Our whole list of known web form hosting services used by phishers can be found at: https://it.usu.edu/computer-security/be-an-internet-skeptic/form-services/ I have crippled all the hostnames so that our mail filter doesn't go crazy when it sees this message come back from the SECURITY list. ;-) Bob Bayn SER 301 (435)797-2396 IT Security Team Office of Information Technology, Utah State University three common hazardous email scams to watch out for: 1) unfamiliar transaction report from familiar business 2) attachment with no explanation in message body 3) "phishing" for your email password
Current thread:
- jimdo(.)com surges ahead of webs(.)com as a favorite of phishers. Bob Bayn (Aug 30)
- Re: jimdo(.)com surges ahead of webs(.)com as a favorite of phishers. Roger A Safian (Aug 30)
- Re: jimdo(.)com surges ahead of webs(.)com as a favorite of phishers. Clouse, Michael J (Sep 03)
- Re: jimdo(.)com surges ahead of webs(.)com as a favorite of phishers. Robert Meyers (Sep 04)
- Re: jimdo(.)com surges ahead of webs(.)com as a favorite of phishers. Roger A Safian (Sep 04)
- Re: jimdo(.)com surges ahead of webs(.)com as a favorite of phishers. Greg Williams (Sep 09)
- Re: jimdo(.)com surges ahead of webs(.)com as a favorite of phishers. Robert Meyers (Sep 04)