Educause Security Discussion mailing list archives
Re: Compromised accounts at other institutes
From: Brad Judy <brad.judy () CU EDU>
Date: Fri, 25 Apr 2014 16:27:41 +0000
Either notify the other school directly (what I usually do), or pass the information along to the REN-ISAC Security Operations Center (soc () ren-isac net<mailto:soc () ren-isac net>) if you’d like a third-party to contact the originating institution. Be sure to include a copy of the full email headers either way. Brad Judy Director of UIS Security University Information Systems University of Colorado 1800 Grant Street, Suite 300 Denver, CO 80203 Office: (303) 860-4293 Fax: (303) 860-4302 www.cu.edu [cu-logo_fl] From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Frank Barton Sent: Friday, April 25, 2014 10:24 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Compromised accounts at other institutes We are seeing a massive increase in the number of spear-phishing attempts being directed at our users. Many of these are coming from compromised accounts at other universities. The couple of folks that we have had fall for these phishing attempts seem to have their accounts used to send further spear-phishing attempts to yet more universities. Aside from the obvious account security steps to take when we detect a compromised account on our system, what steps (if any) are others taking when you get messages that are symptomatic of compromised accounts at other universities? Thank You -- Frank Barton Apple Certified Mac Technician Technology Support Coordinator Husson University
Current thread:
- Compromised accounts at other institutes Frank Barton (Apr 25)
- Re: Compromised accounts at other institutes Brad Judy (Apr 25)
- Re: Compromised accounts at other institutes Roger A Safian (Apr 25)
- Re: Compromised accounts at other institutes charlie derr (Apr 25)
- Re: Compromised accounts at other institutes Frank Barton (Apr 25)
- Re: Compromised accounts at other institutes Ken Connelly (Apr 25)
- Re: Compromised accounts at other institutes Frank Barton (Apr 25)
- Re: Compromised accounts at other institutes Bob Bayn (Apr 25)
- Re: Compromised accounts at other institutes Frank Barton (Apr 25)
- Re: Compromised accounts at other institutes Joel L. Rosenblatt (Apr 25)
- <Possible follow-ups>
- Re: Compromised accounts at other institutes Joe St Sauver (Apr 25)
- Re: Compromised accounts at other institutes Bob Bayn (Apr 25)