Educause Security Discussion mailing list archives
Re: Feedback on threatpost article: University Email Hijacking Attacks Push Phishing, Malware
From: Alex Keller <axkeller () STANFORD EDU>
Date: Tue, 3 Nov 2020 22:10:55 +0000
hi Jim et al, Thanks for sending this over. Threatpost article is just a synopsis of the Inky.com marketing report found here: https://www.inky.com/hubfs/2020%20Report%20Hijacked%20University%20Accounts.pdf Very curious how Inky is collecting these emails (to: field is redacted in their screenshots), how they compiled these statistics, and if they bothered to reach out to any of the schools during the course of their research. At first glance I am concerned with the approach. Best, Alex Alex Keller StanfordĀ | Engineering Information Technology axkeller () stanford edu (650)736-6421 -----Original Message----- From: The EDUCAUSE Security Community Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Jim A. Bole Sent: Monday, November 2, 2020 6:40 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Feedback on threatpost article: University Email Hijacking Attacks Push Phishing, Malware I'm not familiar with Inky, the group that did this research: https://threatpost.com/university-email-hijacking-phishing-malwarephishing-malware/160735/ Curious what other think of these findings. I do find that many phishing attacks use email accounts with valid DMARC/SPF, such as hijack google accounts. Jim Bole Director of Information Security Stevenson University 1525 Greenspring Valley Road Stevenson, MD, 21153-0641 jbole () stevenson edu | O: 443-334-2696 ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community ********** Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the person who sent the message, copy and paste their email address and forward the email reply. Additional participation and subscription information can be found at https://www.educause.edu/community
Current thread:
- Feedback on threatpost article: University Email Hijacking Attacks Push Phishing, Malware Jim A. Bole (Nov 02)
- Re: Feedback on threatpost article: University Email Hijacking Attacks Push Phishing, Malware Alex Keller (Nov 03)
- Re: Feedback on threatpost article: University Email Hijacking Attacks Push Phishing, Malware Daniel Johnson (Nov 03)
- Re: Feedback on threatpost article: University Email Hijacking Attacks Push Phishing, Malware Alex Keller (Nov 03)