Educause Security Discussion mailing list archives
Re: .edu email phishing
From: Jimmy Kuo <cjkuo () VERIZON NET>
Date: Tue, 1 Apr 2008 12:39:31 -0700
Are you (general/educause) pretty well set up with takedown requests for these email accounts at the various ISPs? If not, I encourage you as a group to set something up. (I can only offer a little bit of help as my specialty is in another area of security (antimalware). I only have a few contacts.) Jimmy jkuo () microsoft com ----- Original Message ----- From: "Winders, Timothy A" <twinders () southplainscollege edu> To: "Jimmy Kuo" <cjkuo () verizon net>; <security () listserv educause edu> Sent: Tuesday, April 01, 2008 11:57 AM Subject: RE: [SECURITY] .edu email phishing I had one user yesterday report receiving a message similar to this, but I have personally not seen it. Searching through our barracuda, I don't have anything from ask.helpdesk, nothing with the subject ending with "email account now." Ha! Just found one with "UPDATE YOUR EMAIL ACCOUNT" in the subject from "educationalwebmaster75 () yahoo com" routed through uoregon.edu, 128.223.142.41. Anyone from uoregon on this list? Tim Winders | Associate Dean of Information Technology | South Plains College
-----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jimmy Kuo Sent: Tuesday, April 01, 2008 1:47 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] .edu email phishing Was this a directed (against caltech.edu) attack or was this one of a family sent to other .edu lists? Has anyone seen one like this for their school? The return address was actually set up for: ask.helpdesk0 () gmail com Jimmy >> ----- Original Message ----- >> From: "ADMIN HELPDESK" <helpdesk () caltech edu> >> To: <undisclosed-recipients:> >> Sent: Monday, March 31, 2008 12:39 PM >> Subject: VERIFY YOUR CALTECH.EDU EMAIL ACCOUNT NOW. >> >> >> >> >> Dear caltech.edu Email Account Owner, >> >> This message is from caltech.edu messaging center to all caltech.edu >> email >> account owners. We are currently upgrading our data base and e-mail >> account >> center. We are deleting all unused caltech.edu email accounts to create >> more >> space for new accounts. >> >> To prevent your account from being closed, you will have to update it >> below so >> that we will know that it's a present used account. >> >> CONFIRM YOUR EMAIL IDENTITY BELOW >> >> Email Username : .......... ..... >> EMAIL Password : ................ >> Date of Birth : ................. >> Country or Territory : .......... >> >> Warning!!! Account owner that refuses to update his or her account >> within Seven >> days of receiving this warning will lose his or her account permanently. >> >> Thank you for using caltech.edu >> Warning Code:VX2G99AAJ >> >> caltech.edu Team >> >> www.caltech.edu >> >> Dear caltech.edu Email Account Owner, >> >> This message is from caltech.edu messaging center to all caltech.edu >> email >> account owners. We are currently upgrading our data base and e-mail >> account >> center. We are deleting all unused caltech.edu email accounts to create >> more >> space for new accounts. >> >> To prevent your account from being closed, you will have to update it >> below so >> that we will know that it's a present used account. >> >> CONFIRM YOUR EMAIL IDENTITY BELOW >> >> Email Username : .......... ..... >> EMAIL Password : ................ >> Date of Birth : ................. >> Country or Territory : .......... >> >> Warning!!! Account owner that refuses to update his or her account >> within Seven >> days of receiving this warning will lose his or her account permanently. >> >> Thank you for using caltech.edu >> Warning Code:VX2G99AAJ >> >> caltech.edu Team >> >> www.caltech.edu
Current thread:
- .edu email phishing Jimmy Kuo (Apr 01)
- <Possible follow-ups>
- Re: .edu email phishing Rick Holland (Apr 01)
- Re: .edu email phishing Logan, Kimberly (loganks) (Apr 01)
- Re: .edu email phishing Winders, Timothy A (Apr 01)
- Re: .edu email phishing Joe St Sauver (Apr 01)
- Re: .edu email phishing Jimmy Kuo (Apr 01)
- Re: .edu email phishing Winders, Timothy A (Apr 01)
- Re: .edu email phishing Kees Leune (Apr 01)
- Re: .edu email phishing Jimmy Kuo (Apr 01)
- Re: .edu email phishing Brewer, Alex D (Apr 01)
- Re: .edu email phishing Lesli Sagan (Apr 01)
- Re: .edu email phishing Michael Behun (Apr 01)
- Re: .edu email phishing Zach Jansen (Apr 01)
- Re: .edu email phishing Dick Jacobson (Apr 02)
- Re: .edu email phishing Theresa Semmens (Apr 02)
- Re: .edu email phishing Jesse Thompson (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Christopher Webber (Apr 02)
- Re: .edu email phishing Jesse Thompson (Apr 02)
(Thread continues...)