LISTSERV 16.0 - MSUNAG Archives

An ad will be running in the State News this Friday as part of LC&T's
SecureIT educational campaign we have discussed at previous IT Exchange
meetings. The content of the ad includes a message about phishing.

We are also working with a reporter at the State News on a story about
phishing with the hope it will run next week.

If anyone on this list would like to help reinforce the SecureIT message,
please let me know. We would be happy to send you copies of the attached
publications for distribution in your department/college.

Katherine Ball
ats.msu.edu
computing.msu.edu/secureIT
(517) 353-3295


-----Original Message-----
From: MSU Network Administrators Group [mailto:[log in to unmask]] On
Behalf Of John Resotko
Sent: Tuesday, August 26, 2008 12:33 PM
To: [log in to unmask]
Subject: Re: [MSUNAG] Unusually High Flood of Virus Emails?

Between our Barracuda and our IPS, I haven't seen any infected .zip
files make it to our user's inboxes.  I have seen a huge spike in fake
email asking for your login and password information.  We've had a few
claiming to be from MSU, but a new twist has emerged this week.  We're
now seeing bogus email claiming to be from the email administrator at
another site, telling the user that their email address has been
blacklisted due to excessive spam, and that their web based email
account is compromised.  Then, the message gives the usual "just give us
your email ID and password, and we'll reset your account and take it off
the blacklist", with the threat that if you don't, your account could be
permanently disabled.  

Most of my users are adept at spotting these, or calling and asking if
they are unsure.  Anyone else seeing lots of these types of phishing
attacks? 

John A. Resotko
Head of Systems Administration
Michigan State University College of Law
208 Law College Building
East Lansing, MI  48824-1300
email: [log in to unmask]
Phone: 517-432-6836
Fax: 517-432-6861 

Current Chairperson of the 
MSU Network Communications Community


>>> Al Puzzuoli <[log in to unmask]> 8/26/2008 12:01 PM >>>
Over the last 24 hours or so, Has anyone else noticed a major spike in
spam containing an attachment called photo.zip?  According to Nod32,
this attachment contains the Win32/TrojanDropper.Delf.NHZ.

We're getting pounded by this thing at the RCPD.



Al Puzzuoli
Information Technologist                                       
Resource Center for Persons with Disabilities  517-884-1915  120
Bessey
Hall East Lansing, MI  48824-1033 http://www.rcpd.msu.edu