Educause Security Discussion mailing list archives
Re: <SPAM> Re: user account compromise?
From: Dick Jacobson <Dick.Jacobson () NDUS NODAK EDU>
Date: Thu, 24 Apr 2008 16:08:57 -0500
On Thu, 24 Apr 2008, Cal Frye wrote: We also had one of the where the password was changed but the activity retuurned. Our email guru said the person must have maintained a connection over the period of the password change - so check the connections also - or the user simply changed their password back to the original (even though they said they didn't).
Barros, Jacob wrote:Ken and all. That was it. He did reply to one of those phishing scams. No more than 12 hours before the SPAM was launched. Any non-internal legal advice would be appreciated.Be careful changing his password -- don't email it to him, as the spammer may have set up forwarding and might receive a copy of the notice ;-) -- Regards, -- Cal Frye, Network Administrator, Oberlin College www.calfrye.com, www.pitalabs.com "Reality is merely an illusion, albeit a very persistent one. " - Albert Einstein (1879-1955)
----------------------------------------------------------------------- Dick Jacobson e-mail : Dick.Jacobson () ndus NoDak edu NDUS IT Security Officer office : IACC 206, NDSU ND HECN MultiUser Host SysAd phone : 701-231-7385 -----------------------------------------------------------------------
Current thread:
- <SPAM> Re: user account compromise? Stephen John Smoogen (Apr 24)
- <Possible follow-ups>
- <SPAM> Re: user account compromise? Cal Frye (Apr 24)
- Re: <SPAM> Re: user account compromise? Dick Jacobson (Apr 24)
- Re: <SPAM> Re: user account compromise? Stephen John Smoogen (Apr 24)
- <SPAM> RE: user account compromise? Jenkins, Matthew (Apr 24)
- <SPAM> Re: user account compromise? Paul Russell (Apr 24)