Re: Compromised accounts at other institutes

[Joe St Sauver <joe () OREGON UOREGON EDU>]

Hi,

Bob Bayn <bob.bayn () usu edu> commented:

#I try to send direct notification to the "abuse" and "helpdesk" 
#address at any .edu, .k12, .org or health organization that is 
#spamming us with phish.  

dot org is probably pretty generic these days. On the other hand,
dot gov, dot mil, and dot int are probably worth adding to your
"give it a shot" list, likewise the international equivalents of
dot edu (such as dot ac dot uk)

#If they both bounce, I will generally 
#search the site to find another technical contact address or 
#contact form.  (Do YOU have those default reporting addresses?)

abuse@ is normative, but helpdesk@ isn't. See
https://www.ietf.org/rfc/rfc2142.txt at section 4

I'd also note that http://abuse.net/ can be tremendously helpful
when it comes to tracking down usable abuse reporting addresses.

#The phish links that we take action against are all reported on 
#a public google docs spreadsheet at: [link redacted here]

Huge fan of http://www.phishtank.com/ for reporting phish

Regards, and hope everyone has a nice weekend,

Joe