North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Fake-alert: VERIFY YOUR MERIT.EDU WEBMAIL ACCOUNT
On Sat, 24 May 2008 17:14:33 +0100 Graeme Fowler <[email protected]> wrote: On Sat, 2008-05-24 at 17:02 +0200, Peter Dambier wrote:I dont trust it: As a US EDU, I can attest to the fact that a handful of our webmail accounts have been compromised and subsequently used to send out these types of phishing attacks. We never figured out how the accounts were compromised. I suspect users with hand-held devices are being snooped when they use IMAP. Our webmail is SSL, but not IMAP. Most of the spammers' messages appear as though someone is manually using their cut & paste to generate the spam, not anything automated (based on the rate messages go out. Seems rather tedious.
|