New depths in phishing

• Previous message (by thread): New depths in phishing
• Next message (by thread): New depths in phishing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 3/24/06, Lucy E. Lynch <llynch at darkwing.uoregon.edu> wrote:
>
> edu skimming - try http://umich.edu.com/
>

edu.com is quite old as far as domains go... but its not really a
phisher as far as i can see - its a purveyor of "online diplomas" from
assorted universities, and some obvious  diploma mills (including
those of the spamming variety, such as the University of Phoenix)

www.imamoron.edu.com works as well .. by the way


Registrant:
   Vantage Media Corporation
   1350 Abbot Kinney Blvd #203
   Venice, California 90291
   United States

   Registered through: GoDaddy.com
   Domain Name: EDU.COM
      Created on: 24-Nov-98
      Expires on: 23-Nov-10
      Last Updated on: 14-Jun-05

   Administrative Contact:
      Administrator, Domain  domainadmin at vantagemedia.com
      Vantage Media Corporation
      1350 Abbot Kinney Blvd #203
      Venice, California 90291
      United States
      3104823737      Fax --

   Technical Contact:
      Administrator, Domain  domainadmin at vantagemedia.com
      Vantage Media Corporation
      1350 Abbot Kinney Blvd #203
      Venice, California 90291
      United States
      3104823737      Fax --

   Domain servers in listed order:
      PDNS1.ULTRADNS.NET
      PDNS2.ULTRADNS.NET
      PDNS3.ULTRADNS.ORG
      PDNS4.ULTRADNS.ORG
      PDNS5.ULTRADNS.INFO
      PDNS6.ULTRADNS.CO.UK


> nice!
>
> --
> Lucy E. Lynch                           Academic User Services
> Computing Center                        University of Oregon
> llynch  @darkwing.uoregon.edu           (541) 346-1774
>
> ---------- Forwarded message ----------
> Date: Thu, 23 Mar 2006 12:37:24 -0800
> From: David Lundy <dlundy at pacific.edu>
> Reply-To: UNIversity Security Operations Group <unisog at lists.sans.org>
> To: unisog at lists.sans.org
> Subject: Re: [unisog] Problems with EDU.COM domain
>
> It looks like a wild card.  Things like zzz.edu.com resolve.
>
> David Lundy
> Acting IT Security Officer
> University of the Pacific
>
> >>> YorkJ at brcc.edu 03/23/06 11:09 AM >>>
> Wow, even lowly community colleges are listed in the phishing sites
> edu.com.  They must have copied the entire .edu domain.  I just called
> Educause (.edu registrar) to let them know about it--the lady I talked
> to hadn't seen it yet, but promised to send the info to their
> management.
> Thanks
> John
>
> John York
> Network Engineer
> Blue Ridge Community College
>
>
> _______________________________________________
> unisog mailing list
> unisog at lists.sans.org
> http://www.dshield.org/mailman/listinfo/unisog
> _______________________________________________
> unisog mailing list
> unisog at lists.sans.org
> http://www.dshield.org/mailman/listinfo/unisog
>


--
Suresh Ramasubramanian (ops.lists at gmail.com)

• Previous message (by thread): New depths in phishing
• Next message (by thread): New depths in phishing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]