John Ives wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Everyone,
>
> As many of you may be aware, many people on campus started getting
> phishing emails purporting to be from CalState 9 Credit Union over
> the last couple weeks. Yesterday we received a call from CalState 9
> that they are concerned that these attacks could disproportionately
> affect members of our campus community. System and Network Security
> (SNS) is working with CalState 9 to identify where these attacks may
> have led people so that we can go through our own logs in an effort
> to identify who, if anyone, may have fallen victim to this attack.
I have been tracking these phishes informally for the past few weeks,
and, although the sites move around a lot, I often see the string
"calstate9" somewhere in the URL. It's probably worth tracking that
string via the IDSes to see if it pops up.
[snip]
> 3. Use anti-virus software and a firewall (like the campus
> licensed Symantec Corporate Edition available at
> http://software.berkeley.edu), and keep them up to date.
#3 is a good idea, and it's required by MSS, but it's important to
remember that this particular item will not protect users from phishing
scams. It's important that users are not lulled into a false sense of
security, thinking that they can't get scammed if they have a firewall.
michael
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about MAGNet, its meetings and events, and its
mailing list, including information on subscribing and unsubscribing,
see the MAGNet Web site at <http://magnet.berkeley.edu/>.
Received on Thu Jan 5 10:27:09 2006
This archive was generated by hypermail 2.1.8 : Thu Jan 05 2006 - 10:27:09 PST