New depths in phishing

• Previous message (by thread): New depths in phishing
• Next message (by thread): New depths in phishing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 24 Mar 2006, Suresh Ramasubramanian wrote:

> On 3/24/06, Lucy E. Lynch <llynch at darkwing.uoregon.edu> wrote:
>>
>> edu skimming - try http://umich.edu.com/
>>
>
> edu.com is quite old as far as domains go... but its not really a
> phisher as far as i can see - its a purveyor of "online diplomas" from
> assorted universities, and some obvious  diploma mills (including
> those of the spamming variety, such as the University of Phoenix)

and collecting information from students interested in enrolling
at umich...

> www.imamoron.edu.com works as well .. by the way
>
>
> Registrant:
>   Vantage Media Corporation
>   1350 Abbot Kinney Blvd #203
>   Venice, California 90291
>   United States
>
>   Registered through: GoDaddy.com
>   Domain Name: EDU.COM
>      Created on: 24-Nov-98
>      Expires on: 23-Nov-10
>      Last Updated on: 14-Jun-05
>
>   Administrative Contact:
>      Administrator, Domain  domainadmin at vantagemedia.com
>      Vantage Media Corporation
>      1350 Abbot Kinney Blvd #203
>      Venice, California 90291
>      United States
>      3104823737      Fax --
>
>   Technical Contact:
>      Administrator, Domain  domainadmin at vantagemedia.com
>      Vantage Media Corporation
>      1350 Abbot Kinney Blvd #203
>      Venice, California 90291
>      United States
>      3104823737      Fax --
>
>   Domain servers in listed order:
>      PDNS1.ULTRADNS.NET
>      PDNS2.ULTRADNS.NET
>      PDNS3.ULTRADNS.ORG
>      PDNS4.ULTRADNS.ORG
>      PDNS5.ULTRADNS.INFO
>      PDNS6.ULTRADNS.CO.UK
>
>
>> nice!
>>
>> --
>> Lucy E. Lynch                           Academic User Services
>> Computing Center                        University of Oregon
>> llynch  @darkwing.uoregon.edu           (541) 346-1774
>>
>> ---------- Forwarded message ----------
>> Date: Thu, 23 Mar 2006 12:37:24 -0800
>> From: David Lundy <dlundy at pacific.edu>
>> Reply-To: UNIversity Security Operations Group <unisog at lists.sans.org>
>> To: unisog at lists.sans.org
>> Subject: Re: [unisog] Problems with EDU.COM domain
>>
>> It looks like a wild card.  Things like zzz.edu.com resolve.
>>
>> David Lundy
>> Acting IT Security Officer
>> University of the Pacific
>>
>>>>> YorkJ at brcc.edu 03/23/06 11:09 AM >>>
>> Wow, even lowly community colleges are listed in the phishing sites
>> edu.com.  They must have copied the entire .edu domain.  I just called
>> Educause (.edu registrar) to let them know about it--the lady I talked
>> to hadn't seen it yet, but promised to send the info to their
>> management.
>> Thanks
>> John
>>
>> John York
>> Network Engineer
>> Blue Ridge Community College
>>
>>
>> _______________________________________________
>> unisog mailing list
>> unisog at lists.sans.org
>> http://www.dshield.org/mailman/listinfo/unisog
>> _______________________________________________
>> unisog mailing list
>> unisog at lists.sans.org
>> http://www.dshield.org/mailman/listinfo/unisog
>>
>
>
> --
> Suresh Ramasubramanian (ops.lists at gmail.com)
>

-- 
Lucy E. Lynch 				Academic User Services
Computing Center			University of Oregon
llynch  @darkwing.uoregon.edu		(541) 346-1774

• Previous message (by thread): New depths in phishing
• Next message (by thread): New depths in phishing
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]