Educause Security Discussion mailing list archives
Re: FYI: Another round of spear Phishing
From: Bob Bayn <Bob.Bayn () USU EDU>
Date: Thu, 12 Jun 2008 08:50:46 -0600
We have been targeted by three separate spear phishing attacks in the past six weeks. In spite of our efforts to filter incoming email, and to warn our campus community about these messages and not to respond to them, we have had a least 2 accounts (that we know about) hijacked and used to send spam. Right now our reputation scores are in the toilet.
We actually have an accidentally helpful feature that helps us in this situation. I didn't recognize it until we intercepted a reply by one of our faculty to the recent phish message. Our users login to their email (exchange) with an ID number that is not the username that anyone sees. The Phish asked for email username and password and the staff member provided that info. But that username isn't what works with that password to login to the email account. A determined phish hacker might use the info received to do some hunting or social engineering to get the ID number but they are more likely to write the response off as intentional misinformation and move on to the next response to their phish. Every once in a while unintended consequences are good. -- Bob Bayn ride-a-bike (435)797-2396 Network Security Team coordinator Office of Information Techology Utah State University
Current thread:
- FYI: Another round of spear Phishing Clyde Hoadley (Jun 11)
- <Possible follow-ups>
- Re: FYI: Another round of spear Phishing Jenkins, Matthew (Jun 11)
- Re: FYI: Another round of spear Phishing Paul Kendall (Jun 11)
- Re: FYI: Another round of spear Phishing Jenkins, Matthew (Jun 11)
- Re: FYI: Another round of spear Phishing STEVE MAGRIBY (Jun 12)
- Re: FYI: Another round of spear Phishing Zach Jansen (Jun 12)
- Re: FYI: Another round of spear Phishing Basgen, Brian (Jun 12)
- Re: FYI: Another round of spear Phishing Bob Bayn (Jun 12)
- Re: FYI: Another round of spear Phishing Gregg, Christopher S. (Jun 12)
- Re: FYI: Another round of spear Phishing Koerber, Jeff (Jun 12)
- Re: FYI: Another round of spear Phishing Jenkins, Matthew (Jun 12)
- Re: FYI: Another round of spear Phishing Paul Russell (Jun 12)
- Re: FYI: Another round of spear Phishing Robin Polak (Jun 17)
- Re: FYI: Another round of spear Phishing ram smith (Jun 17)
- Re: FYI: Another round of spear Phishing Gary Warner (Jun 17)
- Re: FYI: Another round of spear Phishing Cal Frye (Jun 18)
- Re: FYI: Another round of spear Phishing Matthew Gracie (Jun 19)
- Re: FYI: Another round of spear Phishing Cal Frye (Jun 19)
(Thread continues...)