John Resotko wrote: > You'll probably want to warn your users about this as yet another attempt, and not a very good one, to trick people out of their MSU Net ID and password. This one is coming from a Gmail account, and not very well disguised at that. > John, et al, I'm not sure about your guys, but we find that the headers for the message help us the most when dealing with how to tackle the problem. We've already found about 3 different IP addresses and put them in a 24 hour trap. Here's a link to a Help Desk / Techbase article that you can pass onto users instructing them how to find headers in several different email clients. http://techbase.msu.edu/article.asp?id=974 Just thought you all might like to know. On a related note, if any of you wind up sending this or any other phishing attempt info to postmaster@ or abuse@ please, Please, PLEASE be sure to include full headers! :-) Thanks! ./brm