Educause Security Discussion mailing list archives

Re: Phishing Attacks version 2

From: "Di Fabio, Andrea" <adifabio () NSU EDU>
Date: Thu, 3 Jul 2008 11:36:05 -0400

Could you share the body of the original message?

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv
[mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Zach Jansen
Sent: Thursday, July 03, 2008 11:27 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Phishing Attacks version 2

Well this had to come eventually, but just in case others haven't seen
this... One of my users received a phishing attack that offered a link to
our webmail page and insisted that the user needed to login to secure their
account instead of asking for the password by reply. The link actually goes
to an exact copy of our webmail login page and records the username and
password of whoever visits the site. I've also seen HTML forms embedded
directly in the email that do more or less the same thing.

Zach

--

Zach Jansen
Information Security Officer
Calvin College
Phone: 616.526.6776
Fax: 616.526.8550

Attachment: smime.p7s
Description:

Current thread:

Phishing Attacks version 2 Zach Jansen (Jul 03)
- <Possible follow-ups>
- Re: Phishing Attacks version 2 Di Fabio, Andrea (Jul 03)
- Re: Phishing Attacks version 2 Zach Jansen (Jul 03)
- Re: Phishing Attacks version 2 RL Vaughn (Jul 03)
- Re: Phishing Attacks version 2 David L. Wasley (Jul 03)