[nsp-sec] Multiple Google Phishing pages
Joel Rosenblatt
joel at columbia.edu
Sat Jun 2 08:39:58 EDT 2012
Hi Peter,
Congratulations!!!
As someone who has been married for over 30 years, your instincts are correct .. there are times when you need to turn off the email .. and that was one of
them :-)
Best regards,
Joel
--On Friday, June 01, 2012 9:44 PM -0700 Peter Moody <pmoody at google.com> wrote:
> ----------- nsp-security Confidential --------
>
> On Fri, May 25, 2012 at 1:16 PM, Chris Morrow <morrowc at ops-netman.net> wrote:
>> ----------- nsp-security Confidential --------
>>
>>
>>
>> On 05/25/2012 04:06 PM, Allen, Brian wrote:
>>> ----------- nsp-security Confidential --------
>>>
>>> Hi Googlers,
>>>
>>> We got many complaints about two phishing forms targeting our university
>>> yesterday which are still up. Would you please investigate?
>>>
>>> One question: Does the number of unique clicks on the "Report Abuse" link
>>> have an effect on the timeliness of getting the pages down - namely, if I
>>> can educate more of our users to click on that link, will the page get
>>> taken down sooner?
>>
>> I'm not sure if the 'more clicks matters' as much as 'more than 10
>> clicks' (ten is made up here) matters ("There is sufficient cause to
>> close this after X people click" - my guess).
>>
>>>
>>> https://docs.google.com/spreadsheet/viewform?formkey=dHJIbWRBNDBYUG1RMkQ0LV
>>> pGRDBrUlE6MQ
>>> https://docs.google.com/spreadsheet/viewform?formkey=dHpWNjBRWl82RjZtRUFmQV
>>> ZpakpmZEE6MQ
>>
>> hopefully pmoody isn't off in some far-off-land ... he's a bit closer to
>> the 'make this fixed now!' people.
>
> I actually was in some far off land (I suspected that it would be a
> bad idea of the first degree to check work email from my honeymoon, so
> I didn't).
>
> the first form appeared dead when I just checked. the second form
> should be dying a fiery death shortly.
>
> --
> Peter Moody Google 1.650.253.7306
> Security Engineer pgp:0xC3410038
>
>
>
> _______________________________________________
> nsp-security mailing list
> nsp-security at puck.nether.net
> https://puck.nether.net/mailman/listinfo/nsp-security
>
> Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
> community. Confidentiality is essential for effective Internet security counter-measures.
> _______________________________________________
>
Joel Rosenblatt, Director, Network & Computer Security
Columbia Information Security Office (CISO)
Columbia University, 612 W 115th Street, NY, NY 10025 / 212 854 3033
http://www.columbia.edu/~joel
Public PGP key
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x90BD740BCC7326C3
More information about the nsp-security
mailing list