Between our Barracuda and our IPS, I haven't seen any infected .zip files make it to our user's inboxes. I have seen a huge spike in fake email asking for your login and password information. We've had a few claiming to be from MSU, but a new twist has emerged this week. We're now seeing bogus email claiming to be from the email administrator at another site, telling the user that their email address has been blacklisted due to excessive spam, and that their web based email account is compromised. Then, the message gives the usual "just give us your email ID and password, and we'll reset your account and take it off the blacklist", with the threat that if you don't, your account could be permanently disabled. Most of my users are adept at spotting these, or calling and asking if they are unsure. Anyone else seeing lots of these types of phishing attacks? John A. Resotko Head of Systems Administration Michigan State University College of Law 208 Law College Building East Lansing, MI 48824-1300 email: [log in to unmask] Phone: 517-432-6836 Fax: 517-432-6861 Current Chairperson of the MSU Network Communications Community >>> Al Puzzuoli <[log in to unmask]> 8/26/2008 12:01 PM >>> Over the last 24 hours or so, Has anyone else noticed a major spike in spam containing an attachment called photo.zip? According to Nod32, this attachment contains the Win32/TrojanDropper.Delf.NHZ. We're getting pounded by this thing at the RCPD. Al Puzzuoli Information Technologist Resource Center for Persons with Disabilities 517-884-1915 120 Bessey Hall East Lansing, MI 48824-1033 http://www.rcpd.msu.edu