An ad will be running in the State News this Friday as part of LC&T's SecureIT educational campaign we have discussed at previous IT Exchange meetings. The content of the ad includes a message about phishing. We are also working with a reporter at the State News on a story about phishing with the hope it will run next week. If anyone on this list would like to help reinforce the SecureIT message, please let me know. We would be happy to send you copies of the attached publications for distribution in your department/college. Katherine Ball ats.msu.edu computing.msu.edu/secureIT (517) 353-3295 -----Original Message----- From: MSU Network Administrators Group [mailto:[log in to unmask]] On Behalf Of John Resotko Sent: Tuesday, August 26, 2008 12:33 PM To: [log in to unmask] Subject: Re: [MSUNAG] Unusually High Flood of Virus Emails? Between our Barracuda and our IPS, I haven't seen any infected .zip files make it to our user's inboxes. I have seen a huge spike in fake email asking for your login and password information. We've had a few claiming to be from MSU, but a new twist has emerged this week. We're now seeing bogus email claiming to be from the email administrator at another site, telling the user that their email address has been blacklisted due to excessive spam, and that their web based email account is compromised. Then, the message gives the usual "just give us your email ID and password, and we'll reset your account and take it off the blacklist", with the threat that if you don't, your account could be permanently disabled. Most of my users are adept at spotting these, or calling and asking if they are unsure. Anyone else seeing lots of these types of phishing attacks? John A. Resotko Head of Systems Administration Michigan State University College of Law 208 Law College Building East Lansing, MI 48824-1300 email: [log in to unmask] Phone: 517-432-6836 Fax: 517-432-6861 Current Chairperson of the MSU Network Communications Community >>> Al Puzzuoli <[log in to unmask]> 8/26/2008 12:01 PM >>> Over the last 24 hours or so, Has anyone else noticed a major spike in spam containing an attachment called photo.zip? According to Nod32, this attachment contains the Win32/TrojanDropper.Delf.NHZ. We're getting pounded by this thing at the RCPD. Al Puzzuoli Information Technologist Resource Center for Persons with Disabilities 517-884-1915 120 Bessey Hall East Lansing, MI 48824-1033 http://www.rcpd.msu.edu