New depths in phishing
Lucy E. Lynch
llynch at darkwing.uoregon.edu
Fri Mar 24 15:03:04 UTC 2006
On Fri, 24 Mar 2006, Suresh Ramasubramanian wrote:
> On 3/24/06, Lucy E. Lynch <llynch at darkwing.uoregon.edu> wrote:
>>
>> edu skimming - try http://umich.edu.com/
>>
>
> edu.com is quite old as far as domains go... but its not really a
> phisher as far as i can see - its a purveyor of "online diplomas" from
> assorted universities, and some obvious diploma mills (including
> those of the spamming variety, such as the University of Phoenix)
and collecting information from students interested in enrolling
at umich...
> www.imamoron.edu.com works as well .. by the way
>
>
> Registrant:
> Vantage Media Corporation
> 1350 Abbot Kinney Blvd #203
> Venice, California 90291
> United States
>
> Registered through: GoDaddy.com
> Domain Name: EDU.COM
> Created on: 24-Nov-98
> Expires on: 23-Nov-10
> Last Updated on: 14-Jun-05
>
> Administrative Contact:
> Administrator, Domain domainadmin at vantagemedia.com
> Vantage Media Corporation
> 1350 Abbot Kinney Blvd #203
> Venice, California 90291
> United States
> 3104823737 Fax --
>
> Technical Contact:
> Administrator, Domain domainadmin at vantagemedia.com
> Vantage Media Corporation
> 1350 Abbot Kinney Blvd #203
> Venice, California 90291
> United States
> 3104823737 Fax --
>
> Domain servers in listed order:
> PDNS1.ULTRADNS.NET
> PDNS2.ULTRADNS.NET
> PDNS3.ULTRADNS.ORG
> PDNS4.ULTRADNS.ORG
> PDNS5.ULTRADNS.INFO
> PDNS6.ULTRADNS.CO.UK
>
>
>> nice!
>>
>> --
>> Lucy E. Lynch Academic User Services
>> Computing Center University of Oregon
>> llynch @darkwing.uoregon.edu (541) 346-1774
>>
>> ---------- Forwarded message ----------
>> Date: Thu, 23 Mar 2006 12:37:24 -0800
>> From: David Lundy <dlundy at pacific.edu>
>> Reply-To: UNIversity Security Operations Group <unisog at lists.sans.org>
>> To: unisog at lists.sans.org
>> Subject: Re: [unisog] Problems with EDU.COM domain
>>
>> It looks like a wild card. Things like zzz.edu.com resolve.
>>
>> David Lundy
>> Acting IT Security Officer
>> University of the Pacific
>>
>>>>> YorkJ at brcc.edu 03/23/06 11:09 AM >>>
>> Wow, even lowly community colleges are listed in the phishing sites
>> edu.com. They must have copied the entire .edu domain. I just called
>> Educause (.edu registrar) to let them know about it--the lady I talked
>> to hadn't seen it yet, but promised to send the info to their
>> management.
>> Thanks
>> John
>>
>> John York
>> Network Engineer
>> Blue Ridge Community College
>>
>>
>> _______________________________________________
>> unisog mailing list
>> unisog at lists.sans.org
>> http://www.dshield.org/mailman/listinfo/unisog
>> _______________________________________________
>> unisog mailing list
>> unisog at lists.sans.org
>> http://www.dshield.org/mailman/listinfo/unisog
>>
>
>
> --
> Suresh Ramasubramanian (ops.lists at gmail.com)
>
--
Lucy E. Lynch Academic User Services
Computing Center University of Oregon
llynch @darkwing.uoregon.edu (541) 346-1774
More information about the NANOG
mailing list