Educause Security Discussion mailing list archives

Previous By Date Next
Previous By Thread Next

Re: US Department of Justice Victim Notification System

From: Gary Warner <gar () CIS UAB EDU>
Date: Thu, 18 Jun 2009 10:44:59 -0500
(modestly pointing at his own blog:

http://garwarner.blogspot.com/2009/05/university-spammers-shah-brothers.html

The prosecutor is a fantastic guy - he actually did a guest lecture for my "Investigating Online Crime" class this 
summer, and I know he's working with many of our friends on this list.

Please help if your University is able.  These guys scraped all of our systems for emails, and then did "targeted mail" 
claiming to be an "alumni-owned company" or otherwise suggesting a relationship with the university to help convince 
kids to buy their (iPods / Teeth Whitening Kits / Magazine Subscriptions / Text Books).

They used a wide system of proxies and spamming engines to deliver their stuff, and also used bullet-proof hosting 
services from China to make sure their sites stayed online.

I'm sure it would be a great help to his case if anyone was able to characterize the nature of the traffic to their 
university, or provide any examples of the emails received.

--

----------------------------------------------------------

Gary Warner
Director of Research in Computer Forensics
The University of Alabama at Birmingham
205.934.8620             205.422.2113
gar () cis uab edu        gar () askgar com

-----------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: