Re: phishing attack using copied University website

[Andrew Daviel <advax () TRIUMF CA>]

On Mon, 13 Jul 2009, TIMOTHY S GURGANUS wrote:

> NCSU email users were the target of a phishing attack last Thursday
> night.  This attack was different from others we have been receiving
> and I hope it is not a harbinger of things to come.  I have read of this
> happening to other schools, but I'm wondering how common this attack is
> versus the usual phishing that uses only email.

We haven't had one quite like that, but did have one which included a
link to our real webmail login page. Only what you'd expect for an online
bank or eBay phish, but we're quite a small site with less than a
thousand users. That one had about 80 recipients and 80 duds before it
triggered a spamtrap. Last year we had one that must have stripped our
LDAP server or something and got everyone. Only about 2 users actually
mailed them a password...


--
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376  (Pacific Time)
Network Security Manager