Educause Security Discussion mailing list archives

Re: Pointless email spam

From: "Jacobson, Dick" <dick.jacobson () NDUS EDU>
Date: Mon, 15 Apr 2013 17:56:35 +0000

One of my campuses reminded me that today is tax day and this is not abnormal for this time as the Phishers test their 
addresses.

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Gade, 
Werner
Sent: Monday, April 15, 2013 12:44 PM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Pointless email spam

We have seen a 225% to 500% increase in spam messages, depending on the day, hitting our spam filters since April 3rd.  
Our filters are adjusted as high as we can go without stopping legitimate emails.

Werner Gade
Interim CIO
Director of Technical Operations
Central Information Technology Services
University of Wisconsin - Colleges and Extension
780 Regent St. | Madison, WI 53715-2635
Phone: (608) 262-7832 |Mobile: (608) 220-7877 |Fax: (608) 262-234

-----Original Message-----
From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Gary 
Warner
Sent: Monday, April 15, 2013 6:35 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: [SECURITY] Pointless email spam

Are other schools seeing a big uptick in "no purpose" spam messages?  Wondering if this is an enormous email address 
list cleanse/harvest? or what other motives anyone might theorize on this?

Here are three sample email bodies.  No attachment, no links.  Can't PROVE they are related, just coincidence of timing 
and pointlessness.

++++++++++++++++++++
(received from myschoolemail.net 173.246.104.97)
(from: hilda.barrett () myschoolemail net)

Denise,

I wanted to know if you understand that you can't come to the super deli next Friday.

Cheers,

H.

++++++++++++++++++++
(envelope from waggishy08 () acm org)
(x-sender: ultrasug9 () gil com au)
(X-PHP-Script indicates it was sent via "afes.com/sendmail.php" at request of 186.87.28.58)
(Return-Path: suicidaloa53 () afes com)

CHAPTER XLI, Nor from ME, neither.
Why HE? I stopped.

+++++++++++++++++++++
(received from heattreatmentchina.ru (37.255.60.4)
(from: stonehengeqq40 () trinity edu)

Bofe un you claims it, But we didnt wait.
So Tom was satisfied.

++++++++++++++++++++++

----------------------------------------------------------

Gary Warner
Director of Research in Computer Forensics The University of Alabama at Birmingham Center for Information Assurance and 
Joint Forensics Research
205.422.2113
gar () cis uab edu

-----------------------------------------------------------

Current thread:

Pointless email spam Gary Warner (Apr 15)
- Re: Pointless email spam Roger A Safian (Apr 15)
- Re: Pointless email spam Dennis Bohn (Apr 15)
  - Re: Pointless email spam Heath Barnhart (Apr 15)
    - Re: Pointless email spam Scherck, Daniel (Apr 15)
    - Re: Pointless email spam Curtis McNay (Apr 17)
- Re: Pointless email spam Gade, Werner (Apr 15)
  - Re: Pointless email spam Jacobson, Dick (Apr 15)
    - Re: Pointless email spam Bob Bayn (Apr 15)
    - Re: Pointless email spam Jeff Firestone (Apr 16)