jimdo(.)com surges ahead of webs(.)com as a favorite of phishers.

[Bob Bayn <bob.bayn () USU EDU>]

My overnight collection of new phishing links has put jimdo(.)com well ahead of webs(.)com as the host of choice for 
phish links today.  Here's my overnight list:

upgreadeyourmailbox.jimdo(.)com
dearuserupgreade.jimdo(.)com
email-reactivitionlinkaccess.jimdo(.)com
itsaccountvalidationprocess.jimdo(.)com
routineformaintenance.jimdo(.)com
web-adstrator.jimdo(.)com
mailboxaccessweb.jimdo(.)com
wbactieve.jimdo(.)com
staffloginitsupportupgrade2013.jimdo(.)com

dutchwebpage.webs(.)com
gameonefor.webs(.)com
e-mailusers.webs(.)com
webcleanup.webs(.)com
staffstudentfacaultymailboxcleanup.webs(.)com

faculty-staff111.yolasite(.)com
verificatinform.yolasite(.)com

I have reported all of them to their respective services.  Webs(.)com is getting real good about acting on abuse 
reports quickly - often within a few minutes.

Our whole list of known web form hosting services used by phishers can be found at:
https://it.usu.edu/computer-security/be-an-internet-skeptic/form-services/

I have crippled all the hostnames so that our mail filter doesn't go crazy when it sees this message come back from the 
SECURITY list.   ;-)

Bob Bayn    SER 301    (435)797-2396       IT Security Team
Office of Information Technology,     Utah State University
     three common hazardous email scams to watch out for:
     1) unfamiliar transaction report from familiar business
     2) attachment with no explanation in message body
     3) "phishing" for your email password