Educause Security Discussion mailing list archives
Re: Question regarding Marketscore spyware
From: Joel Rosenblatt <joel () COLUMBIA EDU>
Date: Wed, 1 Dec 2004 21:53:32 -0500
Yes .. we have lots of experience. We are blocking access to our most sensitive application. Access to other applications that require authentication are being logged and an email is being sent to the user with the time and date of the access. We are asking them to remove the Marketscore software if they are accessing confidential data since this constitutes a violation of university policy. The interesting thing is that many people are using computers in semi public areas to check their email and we are finding Marketscore installed on them. Below is a copy of the email we are sending ... the <records> is being filled in with all of the accesses from a Marketscore proxy server. ================================================================================= A security scan (**see below) of access to Columbia's online systems shows that you have installed network software that CAPTURES YOUR CONFIDENTIAL INFORMATION. The dates and times you used this service to reach Columbia are listed at the end of this message. You may have installed the software by clicking on an offer of "Faster Surfing at No Cost," "Free Internet Accelerator," "Defend Against Email Viruses," "Win Luxury Prizes," or "Join Our Exclusive Panel of Law Students." The system capturing your information is run by Marketscore.com and operates under other names like jdcouncil.org. By agreeing to install the software and use their service, you allow Marketscore to see the information you send over the Internet. Depending on the online services you use, this can include * Credit card numbers, * Banking information, * Products purchased and prices paid, * Prescriptions ordered, and so on. This information is visible to Marketscore even when you use secure connections and the lock on your browser is closed. While we do not believe that Marketscore will use your information in any way not described in their Terms and Conditions and Privacy Policy (which can be seen at marketscore.com), we strongly recommend removing the software. NOTE: If you use University systems to display confidential information for others, such as employment or pay records, grades, or similar data, you MUST IMMEDIATELY REMOVE the software from any computer that you use to access such information. Such access is a violation of University policy. REMOVAL: If you wish to remove this service, please copy and paste this link into your browser and follow the instructions: www.columbia.edu/acis/security/howto/remove/marketscore.html **The scan does not look at the contents of your computer, transmissions, or email. It only records that a connection was made via the service that captures your information. The security scan is part of the University's information security initiative. DATES & TIMES: The log shows that you used Marketscore at these times: <RECORDS> AcIS Security Group security () columbia edu ============================================================================= IHTH Joel Rosenblatt Joel Rosenblatt, Senior Security Officer & Windows Specialist, AcIS Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033 http://www.columbia.edu/~joel --On Wednesday, December 01, 2004 5:26 PM -0600 Jason Richardson <A00JER2 () WPO CSO NIU EDU> wrote:
Hi all, I just read an article about the threat that this flavor of spyware poses to edus and that several, including those represented by frequent posters here and on Unisog, have blocked all access to/from their networks. Has anyone else had any experience with it? We have not (yet) to the best of my knowledge. Here's the story - http://www.pcworld.com/news/article/0,aid,118757,tk,dn120104X,00.asp. TIA, --- Jason Richardson Manager, IT Security and Client Development
********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Question regarding Marketscore spyware Jason Richardson (Dec 01)
- <Possible follow-ups>
- Re: Question regarding Marketscore spyware Joel Rosenblatt (Dec 01)
- Re: Question regarding Marketscore spyware Gary Flynn (Dec 01)
- Re: Question regarding Marketscore spyware Gary Flynn (Dec 01)
- Re: Question regarding Marketscore spyware Brent Sweeny (Dec 01)
- Re: Question regarding Marketscore spyware Gary Dobbins (Dec 02)
- Re: Question regarding Marketscore spyware Steele, John E. (Dec 02)
- Re: Question regarding Marketscore spyware Lutzen, Karl F. (Dec 02)
- Re: Question regarding Marketscore spyware Gary Flynn (Dec 02)
- Re: Question regarding Marketscore spyware Joel Rosenblatt (Dec 02)
- Re: Question regarding Marketscore spyware Dave Monnier, IT Security Office, Indiana University (Dec 02)
- Re: Question regarding Marketscore spyware rwatts (Dec 02)
(Thread continues...)