Re: FYI: Another round of spear Phishing

[Ken Connelly <Ken.Connelly () UNI EDU>]

Probably doesn't matter since they don't use either POP or IMAP to send
their spam.  Virtually everything I've seen in this area revolves around
logging in to a webmail client and sending from that, generally
automated and scripted.

- ken

Gasper, Rick wrote:
> I want to ask a rather simple question: if a spear phisher gets the account info, does it really matter if they use Imap or 
> pop to connect? The way I see it, once they have the keys, it doesn't really matter if the use the front door or the 
> back door. I could be missing something and if so please let me know.
>
>
> Rick Gasper
> Manager, Network Services
> King's College
> 133 N. River St
> Wilkes-Barre PA  18711
> PH: 570-208-5845
> Fax: 570-208-6072
> Cell: 570-760-0335
> rickgasper () kings edu
>
>
>
> -----Original Message-----
> From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Sweeny, 
> Jonny
> Sent: Wednesday, July 02, 2008 9:09 AM
> To: SECURITY () LISTSERV EDUCAUSE EDU
> Subject: Re: [SECURITY] FYI: Another round of spear Phishing
>
>
> > I am trying to find out if universities are still allowing
> > users to POP mail and, if so, is it secure POP??
>
> We moved everyone to IMAP several years ago.  No POP here. More info at: https://kb.iu.edu/data/aims.html
>
> --
> ~Jonny Sweeny, GSEC, GCWN, GCIH, GWAS, SSP-CNSA
> Incident Response Manager, Lead Security Analyst
> Office of the VP for Information Technology, Indiana University
> PGP key & S/MIME cert: http://informationpolicy.iu.edu/jsweeny
> jsweeny () iu edu - phone: (812)855-4194 - fax: (812)856-1011

--
- Ken
=================================================================
Ken Connelly             Associate Director, Security and Systems
ITS Network Services                  University of Northern Iowa
email: Ken.Connelly () uni edu   p: (319) 273-5850 f: (319) 273-7373