[unisog] Phishing targeting University Admissions

Paul Russell prussell at nd.edu
Mon Jun 21 17:38:39 GMT 2004


On 6/21/2004 8:49 AM, Martin Sapsed wrote:
> Is anyone else as surprised as me that our "customers" are willing to 
> save attached zip files and then unzip them using the password supplied 
> in the e-mail? Or the likelihood suggested above of renaming a mangled 
> extension to the right one?

If the A/V software on the mail server is unable to detect malware in an
attachment, but the filename extension is in our list of dangerous
extensions, we append '.unknown' to the filename, and insert a MIME part
at the top of the message advising the recipient that he/she should not
open unexpected attachments. But some folks do it, anyway. I used to be
surprised at that behavior, but not anymore.

--
Paul Russell
Senior Systems Administrator
OIT Messaging Services Team
University of Notre Dame



More information about the unisog mailing list