Educause Security Discussion mailing list archives
Re: FYI: Another round of spear Phishing
From: Joel Rosenblatt <joel () COLUMBIA EDU>
Date: Wed, 2 Jul 2008 13:23:50 -0400
We have seen them do this on Exchange though. Mostly we see webmail also. We have seen lots of other types of spam then 419 - usually, they will sacrifice a few of the first passwords to send as many phishes out as they can - they reserve most for later income producing use. We have seen them start to use an ID within an 30 minutes of the genius sending them the password. Joel Rosenblatt --On Wednesday, July 02, 2008 10:06 AM -0700 "J. Fowler" <fowler () CSUFRESNO EDU> wrote:
Gasper, Rick wrote:I want to ask a rather simple question: if a spear phisher gets the account info, does it really matter if they use Imap or pop to connect?We are not witnessing them reading user email. They only seem interested in sending mass amounts of 419 scams through smtp via webmail. They seem to prefer webmail because it offers features like mail forwarding and signature file customization. I'm not sure we've ever seen a connection via pop or imap.
Joel Rosenblatt, Manager Network & Computer Security Columbia Information Security Office (CISO) Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033 http://www.columbia.edu/~joel
Current thread:
- Re: FYI: Another round of spear Phishing STEVE MAGRIBY (Jul 01)
- <Possible follow-ups>
- Re: FYI: Another round of spear Phishing scott hollatz (Jul 01)
- Re: FYI: Another round of spear Phishing Jesse Thompson (Jul 01)
- Re: FYI: Another round of spear Phishing Sweeny, Jonny (Jul 02)
- Re: FYI: Another round of spear Phishing Gasper, Rick (Jul 02)
- Re: FYI: Another round of spear Phishing Joel Rosenblatt (Jul 02)
- Re: FYI: Another round of spear Phishing Lucas, Bryan (Jul 02)
- Re: FYI: Another round of spear Phishing Ken Connelly (Jul 02)
- Re: FYI: Another round of spear Phishing J. Fowler (Jul 02)
- Re: FYI: Another round of spear Phishing Joel Rosenblatt (Jul 02)
- Re: FYI: Another round of spear Phishing Paul Russell (Jul 02)
- Re: FYI: Another round of spear Phishing scott hollatz (Jul 02)
- Re: FYI: Another round of spear Phishing Gasper, Rick (Jul 03)