Educause Security Discussion mailing list archives
Re: phishing irony
From: Jesse Thompson <jesse.thompson () DOIT WISC EDU>
Date: Wed, 11 Feb 2009 08:14:41 -0600
Ah, good call. The message went through another EDU mail server first, which appears to have added the warning. It fooled me :-) I thought it was an attempt by the phisher to diffuse the users' perception of risk. Adding the warning might not be a bad idea, but I think that it should state that the warning was added to the message after it was sent. ======================================================================= Warning: the content of this message indicates that it might be an attempt to steal your private information. PHISHING: Legitimate organizations NEVER ask for your SSN, password, account number, or other personal data. Do NOT ever provide such information to anyone via email. ======================================================================= Jesse Dan Oachs wrote:
Is there any chance that someones outbound mailserver added that to the top of the message as a warning? Would be an interesting idea but probably would not stop many users from responding with their password anyway :) --Dan Jesse Thompson wrote:I found a phish message today with the following at the top of the message: ======================================================================== PHISHING: Legitimate organizations NEVER ask for your SSN, password, account number, or other personal data. Do NOT ever provide such information to anyone via email. ======================================================================== It was then followed by the usual request to reply to the @live.com address with account credentials. I can't figure out if the phishers are being stupid or genius. Jesse
-- Jesse Thompson Division of Information Technology, University of Wisconsin-Madison Email/IM: jesse.thompson () doit wisc edu
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
Current thread:
- phishing irony Jesse Thompson (Feb 11)
- <Possible follow-ups>
- Re: phishing irony Dan Oachs (Feb 11)
- Re: phishing irony Jesse Thompson (Feb 11)
- Re: phishing irony Tupker, Mike (Feb 11)
- Re: phishing irony Pace, Guy (Feb 11)
- Re: phishing irony Mike Porter (Feb 11)
- Re: phishing irony Gary Flynn (Feb 11)
- Re: phishing irony Paul Crittenden (Feb 12)
- Re: phishing irony Ozzie Paez (Feb 12)
- Re: phishing irony HALL, NATHANIEL D. (Feb 12)
- Re: phishing irony Pete Hickey (Feb 12)
- Re: phishing irony Matthew Gracie (Feb 12)
- Re: phishing irony Valdis Kletnieks (Feb 12)
(Thread continues...)