Fake-alert: VERIFY YOUR MERIT.EDU WEBMAIL ACCOUNT

• Previous message (by thread): Fake-alert: VERIFY YOUR MERIT.EDU WEBMAIL ACCOUNT
• Next message (by thread): Fake-alert: VERIFY YOUR MERIT.EDU WEBMAIL ACCOUNT
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 24 May 2008 17:14:33 +0100
  Graeme Fowler <graeme at graemef.net> wrote:
> On Sat, 2008-05-24 at 17:02 +0200, Peter Dambier wrote:
>> I dont trust it:
> 
> Quite right too, it's a spear-phishing attack. This is currently an
> almost daily occurrence for .edu domains.
> 
> The compromised accounts are frequently abused via webmail systems,
> being used to send out more scams.
> 
> The scammers responsible are also targeting UK higher ed institutions,
> with a limited degree of success. I can't really speak for my US
> counterparts with regards the success of the attacks, but one would
> surmise that it's more or less the same. To paraphrase badly:
> 
> All users are gullible, but some are more gullible than others.
> 
> -g


As a US EDU, I can attest to the fact that a handful of
our webmail accounts have been compromised and subsequently
used to send out these types of phishing attacks. We never
figured out how the accounts were compromised. I suspect
users with hand-held devices are being snooped when they
use IMAP. Our webmail is SSL, but not IMAP.

Most of the spammers' messages appear as though someone
is manually using their cut & paste to generate the spam,
not anything automated (based on the rate messages go out.
Seems rather tedious.


matthew black
e-mail postmaster
network services
california state university, long beach

• Previous message (by thread): Fake-alert: VERIFY YOUR MERIT.EDU WEBMAIL ACCOUNT
• Next message (by thread): Fake-alert: VERIFY YOUR MERIT.EDU WEBMAIL ACCOUNT
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]