Re: Fake-alert: VERIFY YOUR MERIT.EDU WEBMAIL ACCOUNT

• From: Graeme Fowler
• Date: Sat May 24 12:16:09 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

On Sat, 2008-05-24 at 17:02 +0200, Peter Dambier wrote:
> I dont trust it:

Quite right too, it's a spear-phishing attack. This is currently an
almost daily occurrence for .edu domains.

The compromised accounts are frequently abused via webmail systems,
being used to send out more scams.

The scammers responsible are also targeting UK higher ed institutions,
with a limited degree of success. I can't really speak for my US
counterparts with regards the success of the attacks, but one would
surmise that it's more or less the same. To paraphrase badly:

All users are gullible, but some are more gullible than others.

-g

• Follow-Ups:
  • Re: Fake-alert: VERIFY YOUR MERIT.EDU WEBMAIL ACCOUNT Matthew Black

• References:
  • Fake-alert: VERIFY YOUR MERIT.EDU WEBMAIL ACCOUNT Peter Dambier

• Prev by Date: Re: amazonaws.com?
• Next by Date: OT: problems getting to our net in maroc
• Date Index
• Thread Index
• Author Index
• Historical