Re: FYI: Another round of spear Phishing

["Gasper, Rick" <rickgasper () KINGS EDU>]

My concern is that they would use this to method to copy our address books. This way they could get a list of known 
employees and then use the names to sign off on their phishing attempts.

Rick

Rick Gasper 
Manager, Network Services 
King's College 
133 N. River St 
Wilkes-Barre PA  18711 
PH: 570-208-5845 
Fax: 570-208-6072 
Cell: 570-760-0335 
rickgasper () kings edu 



-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of J. Fowler
Sent: Wednesday, July 02, 2008 1:06 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] FYI: Another round of spear Phishing

Gasper, Rick wrote:
> I want to ask a rather simple question: if a spear phisher gets the account info, does it really matter if they use 
> Imap or pop to connect? 
>   
We are not witnessing them reading user email. They only seem interested 
in sending mass amounts of 419 scams through smtp via webmail. They seem 
to prefer webmail because it offers features like mail forwarding and 
signature file customization. I'm not sure we've ever seen a connection 
via pop or imap.