Educause Security Discussion mailing list archives
Re: Compromised accounts at other institutes
From: Roger A Safian <r-safian () NORTHWESTERN EDU>
Date: Fri, 25 Apr 2014 16:27:56 +0000
We block the URL's with our Palo Alto. If a message looks well crafted with language and logos we will also remove it from the mail system. Sent on the new Sprint Network from my Samsung Galaxy S®4. -------- Original message -------- From: Frank Barton Date:04/25/2014 11:24 AM (GMT-06:00) To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Compromised accounts at other institutes We are seeing a massive increase in the number of spear-phishing attempts being directed at our users. Many of these are coming from compromised accounts at other universities. The couple of folks that we have had fall for these phishing attempts seem to have their accounts used to send further spear-phishing attempts to yet more universities. Aside from the obvious account security steps to take when we detect a compromised account on our system, what steps (if any) are others taking when you get messages that are symptomatic of compromised accounts at other universities? Thank You -- Frank Barton Apple Certified Mac Technician Technology Support Coordinator Husson University
Current thread:
- Compromised accounts at other institutes Frank Barton (Apr 25)
- Re: Compromised accounts at other institutes Brad Judy (Apr 25)
- Re: Compromised accounts at other institutes Roger A Safian (Apr 25)
- Re: Compromised accounts at other institutes charlie derr (Apr 25)
- Re: Compromised accounts at other institutes Frank Barton (Apr 25)
- Re: Compromised accounts at other institutes Ken Connelly (Apr 25)
- Re: Compromised accounts at other institutes Frank Barton (Apr 25)
- Re: Compromised accounts at other institutes Bob Bayn (Apr 25)
- Re: Compromised accounts at other institutes Frank Barton (Apr 25)
- Re: Compromised accounts at other institutes Joel L. Rosenblatt (Apr 25)
- <Possible follow-ups>
- Re: Compromised accounts at other institutes Joe St Sauver (Apr 25)
- Re: Compromised accounts at other institutes Bob Bayn (Apr 25)