Re: FYI: Another round of spear Phishing

[Robin Polak <robin.polak () GMAIL COM>]

We just got hit by this attack as well.  The reply-to address is set to
center_up_grade () live com

Dear mountsaintvincent.edu Email Owner,

This message is from mountsaintvincent.edu messaging center to all
mountsaintvincent.edu
Email owners. We are currently upgrading our data base and
e-mail center. We are deleting all unused mountsaintvincent.edu
to create more space for new one.

To prevent your account from closing you will have to update it
below so that we will know that it's a present used account.

CONFIRM YOUR EMAIL BELOW
Email Username :.....
EMAIL Password : ................
Date of Birth : .................
Country or Territory : ..........

Warning!!! Email owner that refuses to update his or her
Email,within Seven days of receiving this warning will lose his or her
Email permanently.

Thanks,
mountsaintvincent.edu Team
MOUNTSAINTVINCENT BETA.




---------------------------------------------------------------------------
3webXS HiSpeed Dial-up...surf up to 5x faster than regular dial-up alone...
just $14.90/mo...visit www.get3web.com for details

On Thu, Jun 12, 2008 at 6:46 PM, Paul Russell <prussell () nd edu> wrote:
> On 6/12/2008 10:32 AM, Zach Jansen wrote:
> > Clyde,
> > I think a few of us share your pain. Search the archives for some good
>
> > suggestions, the topic has come up a couple times this year.
>
> This is an ongoing topic of conversation on the hied-emailadmin list.
> Participants are sharing information about sender and reply-to addresses
> seen at their sites.  You can review the list archives and subscribe to
> the list at <http://listserv.nd.edu/archives/hied-emailadmin.html>.
>
> --
> Paul Russell, Senior Systems Administrator
> OIT Messaging Services Team
> University of Notre Dame
> prussell () nd edu



--
Robin Polak
E-Mail: robin.polak () gmail com
V. 917-494-2080