[nsp-sec] Attention Google - live phising form in googledocs
Joel Rosenblatt
joel at columbia.edu
Fri Oct 21 12:47:33 EDT 2011
Hi,
Live phishing form .. please whack
Thanks,
Joel
> <https://docs.google.com/spreadsheet/viewform?formkey=dG44eWpTOU13OVY4MEZjTG40NzRscGc6MQ>Click
> Here to complete the form.
>
------------ Forwarded Message ------------
Date: Friday, October 21, 2011 12:09 PM -0400
From: Alex Rodriguez <adr5 at columbia.edu>
To: Joel Rosenblatt <joel at columbia.edu>
Subject: security
> Return-Path: <SW_FRC at lacoe.edu>
> Received: from lmtpproxyd (casava-eth1.cc.columbia.edu [128.59.33.137])
> by trout.cc.columbia.edu (Cyrus v2.3.16) with LMTPA;
> Fri, 21 Oct 2011 11:53:33 -0400
> X-Sieve: CMU Sieve 2.3
> Received: from casava.cc.columbia.edu ([unix socket])
> by mail.columbia.edu (Cyrus v2.3.16) with LMTPA;
> Fri, 21 Oct 2011 11:53:33 -0400
> X-Sieve: CMU Sieve 2.3
> Received: from feta.cc.columbia.edu (feta.cc.columbia.edu [128.59.28.164])
> by casava.cc.columbia.edu (8.13.8/8.13.8) with ESMTP id
> p9LFrXAa018588;
> Fri, 21 Oct 2011 11:53:33 -0400
> Received: from EDGE1.lacoe.edu (edge1.lacoe.edu [156.3.254.229])
> by feta.cc.columbia.edu (8.14.4/8.14.3) with ESMTP id p9LFqUZg006929;
> Fri, 21 Oct 2011 11:52:50 -0400 (EDT)
> Received: from cas2.internal.lacoe.edu (156.3.1.12) by EDGE1.lacoe.edu
> (156.3.254.229) with Microsoft SMTP Server (TLS) id 8.2.255.0; Fri, 21 Oct
> 2011 08:52:34 -0700
> Received: from ECMAIL7.internal.lacoe.edu ([156.3.1.14]) by
> cas2.internal.lacoe.edu ([156.3.1.12]) with mapi; Fri, 21 Oct 2011 08:52:43
> -0700
> From: SW_FRC <SW_FRC at lacoe.edu>
> To: "helpdesk-team at live.com" <helpdesk-team at live.com>
> Date: Fri, 21 Oct 2011 08:52:42 -0700
> Subject: Your password will expire in 4days.
> Thread-Topic: Your password will expire in 4days.
> Thread-Index: AQHMkAl388JMG9eUhUaGorR3k+nMSg==
> Message-ID:
> <915393240C37524FAA184076DC7BD46D015818325F82 at ECMAIL7.internal.lacoe.edu>
> Accept-Language: en-US
> Content-Language: en-US
> X-MS-Has-Attach:
> X-MS-TNEF-Correlator:
> acceptlanguage: en-US
> Content-Type: text/html; charset="iso-8859-1"
> MIME-Version: 1.0
> X-Spam-Score: 7.001 (*******) CU_PHISH_25 CU_PHISH_49 CU_TAGGED_LINK
> HTML_MESSAGE MIME_HTML_ONLY
> X-Scanned-By: MIMEDefang 2.68 on 128.59.28.164
>
> Your password will expire in 4days. System Administrator in
> currently working to improve on the security of all the Webmail
> Users as we periodically review certain Accounts which are
> vulnerable to Unauthorised Access. We have noticed some unusual
> invalid login attempts into your Webmail Account. Therefore your
> account has been limited and may experience inability to send and
> receive new mail and might also be disabled.
>
>
> To remove this limitation and initiate your Account Update process,
> please
> <https://docs.google.com/spreadsheet/viewform?formkey=dG44eWpTOU13OVY4MEZjTG40NzRscGc6MQ>Click
> Here to complete the form.
>
>
>
> For more information please
> <https://docs.google.com/spreadsheet/viewform?formkey=dG44eWpTOU13OVY4MEZjTG40NzRscGc6MQ>Click
> Here..
>
> Help Desk
---------- End Forwarded Message ----------
Joel Rosenblatt, Manager Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Public PGP key
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3
More information about the nsp-security
mailing list