Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Compromised accounts at other institutes

From: Roger A Safian <r-safian () NORTHWESTERN EDU>
Date: Fri, 25 Apr 2014 16:27:56 +0000
We block the URL's with our Palo Alto.   If a message looks well crafted with language and logos we will also remove it 
from the mail system.


Sent on the new Sprint Network from my Samsung Galaxy S®4.


-------- Original message --------
From: Frank Barton
Date:04/25/2014 11:24 AM (GMT-06:00)
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Compromised accounts at other institutes

We are seeing a massive increase in the number of spear-phishing attempts being directed at our users. Many of these 
are coming from compromised accounts at other universities. The couple of folks that we have had fall for these 
phishing attempts seem to have their accounts used to send further spear-phishing attempts to yet more universities.

Aside from the obvious account security steps to take when we detect a compromised account on our system, what steps 
(if any) are others taking when you get messages that are symptomatic of compromised accounts at other universities?

Thank You

--
Frank Barton
Apple Certified Mac Technician
Technology Support Coordinator
Husson University
Previous By Date Next
Previous By Thread Next

Current thread: