A new format of spam
Theo Markettos
theom+news at chiark.greenend.org.uk
Tue Jun 30 14:00:09 BST 2009
In article <4A49F7F1.7030002 at ernest.net> you wrote:
> Some stuff pretending to come from administrators (often administrators
> of webmail providers) asks for the usual phishing stuff.
I had one from a UK local authority (who I've never corresponded with)... it
had the usual phishing body text, but the standard disclaimers top and
bottom. Looking at the headers I was fairly confident that it /had/ come
from their network, and that it was the user's account that had been
compromised.
I know phishermen are targeting university email systems for email
credentials, so perhaps this is a similar attack.
(I'm surprised it's worth the effort to run such targeted attacks... what do
they gain other than a slightly more prestigious/plausible email address and
perhaps access to the internal addressbook?)
Theo
More information about the ukcrypto
mailing list