|
I was looking through my spam folder today and saw an interesting phish. The phishing email is looking for email account information. Nothing new about that, except this one seemed to have a broad target range. Normally, these types of phishes are sent to .edu addresses not those outside of academia. From the email headers, this one was sent to the Handlers email which is a .org. A non-technical user, like many of my relatives, would probably respond to this. I could see this being successful against regular webmail users of Gmail, Hotmail, etc. especially if the verbiage was changed slightly. It could also be targeting those who may be enrolled in online universities. I was wondering if anyone else has seen this type of phish toward their non .edu webmail accounts. I have included the email below: From: University Webmaster <university.m@usa.com> |
Lorna 165 Posts ISC Handler Oct 22nd 2012 |
| Thread locked Subscribe |
Oct 22nd 2012 9 years ago |
|
It was mentioned in the article that non-technical users might be caught by this. Would the standard advice of DO NOT put your password in an e-mail not negate the effectiveness of this phish. Even my grandparents know that real companies DO NOT ask for passwords to be sent by email.
|
PW 69 Posts |
| Quote |
Oct 22nd 2012 9 years ago |
|
They can do a lot of damage with that information.
What does the full header look like? |
PW 20 Posts |
| Quote |
Oct 22nd 2012 9 years ago |
|
Pwobbe, you put a lot more faith in humans than I do. If rogues, support scams, and this type of basic account phish didn't work some percentage of the time, I doubt they would be so popular for scammers. As the illustrious Mr. Barnum said, there's a sucker born every minute.
|
hacks4pancakes 48 Posts |
| Quote |
Oct 22nd 2012 9 years ago |
|
I've seen quite a few of these, or some that refer to a bogus website that masquerades as the real web-email login page, etc. And it clearly works - every August - December I see an increase in the amount of spam/phish coming from various universities as their new students fall for the phish-du-jour and their email accounts get compromised.
Not to mention the ginormous amounts of spam I routinely see from compromised yahoo/gmail accounts. (sigh) |
Brent 133 Posts |
| Quote |
Oct 22nd 2012 9 years ago |
|
I agree that I put a lot of trust in humans, but is education not the key to solving this problem. Train your uses to spot 1 phish and hopefully that will be able to spot a lifetime of phish.
Sorry I know that was cheesy but you get the point. |
PW 69 Posts |
| Quote |
Oct 22nd 2012 9 years ago |
|
If education were the solution, then explain why kids drop out of high school.
|
Moriah 133 Posts |
| Quote |
Oct 23rd 2012 9 years ago |
|
> I was wondering if anyone else has seen this type of phish toward their non .edu webmail accounts.
Yes, to both my 'name@university-name.ca' "alma-mater" ID and to my 'name@shaw.ca' personal account -- note that 'shaw.ca' is the largest ISP west of Saskatchewan, which makes it a large target, due to the greater number (though not necessarily greater percentage) of non-security-aware IDs. |
Anonymous |
| Quote |
Oct 25th 2012 9 years ago |
Sign Up for Free or Log In to start participating in the conversation!
https://www.sans.edu
