[unisog] phishing attack against email credentials at auckland.ac.nz
Peter Van Epp
vanepp at sfu.ca
Mon Jun 6 23:16:45 GMT 2005
> I've grabbed some more copies of the email, and we're actually seeing
> 220.127.116.11 in addition to 18.104.22.168. Anyone attempting to
> block this at their border may want to add that ip address as well.
> It also turns out that this doesn't seem to be a phishing attack.
> When I connected to the url on 22.214.171.124 I was sent a window
> unisog mailing list
> unisog at lists.sans.org
Thanks! One of the many joys of argus, I can tell there have been no
connection attempts to that site in the past 24+ hours so I'm probably safe
as long as it doesn't morph yet again.
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
More information about the unisog