Educause Security Discussion mailing list archives
Re: .edu email phishing
From: "Winders, Timothy A" <twinders () SOUTHPLAINSCOLLEGE EDU>
Date: Wed, 2 Apr 2008 14:48:25 -0500
Got it! I did see the svn checkout before, but didn't think about looking there for contributions. :-) Tim Winders | Associate Dean of Information Technology | South Plains College
-----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jesse Thompson Sent: Wednesday, April 02, 2008 2:46 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] .edu email phishing Winders, Timothy A wrote:Thanks, Jesse! tim.winders () gmail com is my gmail username.doneI didn't see any contributions, but the DNSBL bind zone would beperfect. Each to add to (any?) antispam product and easily managed. Thanks! http://code.google.com/p/anti-phishing-email-reply/source/browse JesseTim Winders | Associate Dean of Information Technology | South PlainsCollege-----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jesse Thompson Sent: Wednesday, April 02, 2008 2:36 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] .edu email phishing Someone has already contributed a script to import the addressesinto aBIND zone for DNSBL queries. I have a script you can use to scanyouroutbound mail logs which I'll upload soon. You're welcome to contribute your own scripts that serve other functions. Let me know your gmail username and I can make you a member. Jesse Winders, Timothy A wrote:Thanks, Jesse. I see that you are the owner of that project. Is there a way toautomatically incorporate that list into anti-X products? In mycasespecifically, we use the Barracuda antivirus appliance. While I can manually enter the email addresses, keeping it updated and currentovertime seems a monumental task.Tim Winders | Associate Dean of Information Technology | SouthPlainsCollege-----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of JesseThompsonSent: Wednesday, April 02, 2008 9:12 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] .edu email phishing http://code.google.com/p/anti-phishing-email-reply/ Jesse Jimmy Kuo wrote:Was this a directed (against caltech.edu) attack or was this oneofafamily sent to other .edu lists? Has anyone seen one like thisfortheir school? The return address was actually set up for: ask.helpdesk0 () gmail com Jimmy----- Original Message ----- From: "ADMIN HELPDESK" <helpdesk () caltech edu> To: <undisclosed-recipients:> Sent: Monday, March 31, 2008 12:39 PM Subject: VERIFY YOUR CALTECH.EDU EMAIL ACCOUNT NOW. Dear caltech.edu Email Account Owner, This message is from caltech.edu messaging center to allcaltech.eduemail account owners. We are currently upgrading our data base and e-account center. We are deleting all unused caltech.edu email accountstocreate more space for new accounts. To prevent your account from being closed, you will have toupdateitbelow so that we will know that it's a present used account. CONFIRM YOUR EMAIL IDENTITY BELOW Email Username : .......... ..... EMAIL Password : ................ Date of Birth : ................. Country or Territory : .......... Warning!!! Account owner that refuses to update his or heraccountwithin Seven days of receiving this warning will lose his or her accountpermanently.Thank you for using caltech.edu Warning Code:VX2G99AAJ caltech.edu Team www.caltech.edu Dear caltech.edu Email Account Owner, This message is from caltech.edu messaging center to allcaltech.eduemail account owners. We are currently upgrading our data base and e-account center. We are deleting all unused caltech.edu email accountstocreate more space for new accounts. To prevent your account from being closed, you will have toupdateitbelow so that we will know that it's a present used account. CONFIRM YOUR EMAIL IDENTITY BELOW Email Username : .......... ..... EMAIL Password : ................ Date of Birth : ................. Country or Territory : .......... Warning!!! Account owner that refuses to update his or heraccountwithin Seven days of receiving this warning will lose his or her accountpermanently.Thank you for using caltech.edu Warning Code:VX2G99AAJ caltech.edu Team www.caltech.edu-- Jesse Thompson Email/IM: jesse.thompson () doit wisc edu-- Jesse Thompson Email/IM: jesse.thompson () doit wisc edu-- Jesse Thompson Email/IM: jesse.thompson () doit wisc edu
Current thread:
- Re: .edu email phishing, (continued)
- Re: .edu email phishing Michael Behun (Apr 01)
- Re: .edu email phishing Zach Jansen (Apr 01)
- Re: .edu email phishing Dick Jacobson (Apr 02)
- Re: .edu email phishing Theresa Semmens (Apr 02)
- Re: .edu email phishing Jesse Thompson (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Christopher Webber (Apr 02)
- Re: .edu email phishing Jesse Thompson (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Jesse Thompson (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Dave Koontz (Apr 02)
- Re: .edu email phishing Jeffrey I. Schiller (Apr 02)
- Re: .edu email phishing Mike Iglesias (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Winders, Timothy A (Apr 02)
- Re: .edu email phishing Dave Koontz (Apr 02)
- Re: .edu email phishing Martin Manjak (Apr 03)