[unisog] Phishing targeting University Admissions
m.sapsed at bangor.ac.uk
Mon Jun 21 13:49:29 GMT 2004
(Sorry this is a bit late - been away)
Eric Pancer wrote:
> Sergent, Phil wrote on Mon, 2004-06-14 at 11:21:27 -0400...
>>You still accept .zip files!?
> We do, as well. It seems to me that not accepting files with
> extensions is merely a horrible work around. What happens when a new
> virus comes out that names the attachment as foo.fi_ and tells the
> user to save the attachment as foo.zip, then open it?
Is anyone else as surprised as me that our "customers" are willing to
save attached zip files and then unzip them using the password supplied
in the e-mail? Or the likelihood suggested above of renaming a mangled
extension to the right one?
Any bets on the chance of our "customers" being able to do either if we
*wanted* them to???
Information Services "Who do you say I am?"
University of Wales, Bangor Jesus of Nazareth
More information about the unisog