Educause Security Discussion mailing list archives
Survey sites used for Phishing attacks
From: Ram Smith <ram.smith () SCU EDU AU>
Date: Mon, 18 Oct 2010 13:36:32 +1100
Hi,Just a heads up. The last Phishing attack we received used a "legitimate" survey site to solicit account information. With the increasing use of "The Cloud"/ Web 2.0 we are seeing the boundaries of what would be perceived by student and staff as legitimate correspondence from our University.
This attack made it through our spam filters too. There was no dodgy ReplyTo field, the url was a legitimate business and from where i sit no way of knowing if anyone had responded either.
I'm in the process of redefining our response to include some form of URL blocking involving the network team. But this needs to be as automated as possible.
Cheers, ram -- Ram Smith Unix Team IT&TS, Southern Cross University, Lismore, NSW, Australia Email: ram.smith () scu edu au Ph.: +61 2 6620 3337 Fax: +61 2 6620 3033
Current thread:
- Survey sites used for Phishing attacks Ram Smith (Oct 17)
- Re: Survey sites used for Phishing attacks Greg Russo (Oct 18)
- Re: Survey sites used for Phishing attacks Chris Green (Oct 19)
- Re: Survey sites used for Phishing attacks Philip Webster (Oct 19)
- Re: Survey sites used for Phishing attacks Anthony Maszeroski (Oct 20)
- Re: Survey sites used for Phishing attacks Chris Green (Oct 19)
- Re: Survey sites used for Phishing attacks Greg Russo (Oct 18)