[LINK] Re: Account Update
Richard Chirgwin
rchirgwin at ozemail.com.au
Mon Apr 21 18:38:14 AEST 2008
Stephen,
I'd be interested to know what the ISP can do (I regularly get attempted
phishes targeting ISPs). The ISP, in this sense, is co-victim with the
customer.
But if the customer goes ahead, logs in, and the login is intercepted on
the way through, what defence can the ISP offer to the customer.
Phishing is an IQ test that, alas, too many people fail. Block HTML and
images for incoming e-mails, don't log in to anything using links in
e-mails - the rules are simple, but people still break them.
RC
stephen at melbpc.org.au wrote:
> Hi Howard and all,
>
> Howard, the whole email is a phish .. i've never had a Netspace account.
>
> But, having received this phish for this major ISP (^60% of Vic schools),
> I'm giving Netspace their opportunity to advise the Link Institute of some
> company measures to protect customers and our net from any phished access.
>
> cheers, Howard
>
>
>> Did you login into your Netspace account after this deadline date -
>> directly, not via the phish address - and did it work for you?
>>
>> stephen at melbpc.org.au wrote:
>>
>>
>>> Dear Netspace, and Link Institute mailing list,
>>>
>>> The following email's reply mailto address is: acct.helpdesk at y7mail.com
>>>
>>> Am wondering, Netspace, (being a major Australian ISP) if you'd advise
>>> myself (and Link) if this phish is common, and some of the protections
>>> from such you have in place for account holders, and for the Internet?
>>>
>>> Cheers Netspace
>>> Stephen Loosley
>>> Victoria, Australia
>>> --
>>>
>>> From: Netspace Support Team <support at netspace.net.au>
>>> To: stephen at melbpc.org.au
>>> Date: Wed, 16 Apr 2008 01:14:57 +1000
>>> Subject: Account Update
>>>
>>> Dear User,
>>>
>>> We wrote to you on 29th March 2008 advising that you change the
>>> password on your account in order to prevent any unauthorised
>>> account access following the network intrusion we previously
>>> communicated.
>>>
>>> we have found the vulnerability that caused this issue, and have
>>> instigated a system wide security audit to improve and enhance our
>>> current security, in order to continue using our services you are
>>> require
>>> to update you account details below.
>>>
>>> To complete your account verification, you must reply to this email
>>> immediately and enter your account details below.
>>>
>>> Username: (**************)
>>>
>>> password: (**************)
>>>
>>> Failure to do this will immediately render your account
>>> deactivated from our database.
>>>
>>> We apologise for the inconvenience that this will cause you during
>>> this
>>> period, but trust you understand that our primary concern is for our
>>> customers and for the security of their data.
>>> our customers are totally secure
>>>
>>> Netspace Support Team
>>>
>>>
>>> Message sent using MelbPC WebMail Server
>>>
>>>
>>>
>>> _______________________________________________
>>> Link mailing list
>>> Link at mailman.anu.edu.au
>>> http://mailman.anu.edu.au/mailman/listinfo/link
>>>
>>>
>> --
>> Howard.
>> LANNet Computing Associates - Your Linux people <http://lannetlinux.com>
>> When you want a computer system that works, just choose Linux;
>> When you want a computer system that works, just, choose Microsoft.
>> --
>> Flatter government, not fatter government; abolish the Australian states.
>>
>>
>
>
> Message sent using MelbPC WebMail Server
>
>
>
> _______________________________________________
> Link mailing list
> Link at mailman.anu.edu.au
> http://mailman.anu.edu.au/mailman/listinfo/link
>
>
More information about the Link
mailing list