[89527] in North American Network Operators' Group
Re: New depths in phishing
daemon@ATHENA.MIT.EDU (Suresh Ramasubramanian)
Fri Mar 24 09:59:11 2006
Date: Fri, 24 Mar 2006 20:28:42 +0530
From: "Suresh Ramasubramanian" <ops.lists@gmail.com>
To: "Lucy E. Lynch" <llynch@darkwing.uoregon.edu>
Cc: nanog@merit.edu
In-Reply-To: <Pine.LNX.4.64.0603240648340.20199@geoduck.uoregon.edu>
Errors-To: owner-nanog@merit.edu
On 3/24/06, Lucy E. Lynch <llynch@darkwing.uoregon.edu> wrote:
>
> edu skimming - try http://umich.edu.com/
>
edu.com is quite old as far as domains go... but its not really a
phisher as far as i can see - its a purveyor of "online diplomas" from
assorted universities, and some obvious diploma mills (including
those of the spamming variety, such as the University of Phoenix)
www.imamoron.edu.com works as well .. by the way
Registrant:
Vantage Media Corporation
1350 Abbot Kinney Blvd #203
Venice, California 90291
United States
Registered through: GoDaddy.com
Domain Name: EDU.COM
Created on: 24-Nov-98
Expires on: 23-Nov-10
Last Updated on: 14-Jun-05
Administrative Contact:
Administrator, Domain domainadmin@vantagemedia.com
Vantage Media Corporation
1350 Abbot Kinney Blvd #203
Venice, California 90291
United States
3104823737 Fax --
Technical Contact:
Administrator, Domain domainadmin@vantagemedia.com
Vantage Media Corporation
1350 Abbot Kinney Blvd #203
Venice, California 90291
United States
3104823737 Fax --
Domain servers in listed order:
PDNS1.ULTRADNS.NET
PDNS2.ULTRADNS.NET
PDNS3.ULTRADNS.ORG
PDNS4.ULTRADNS.ORG
PDNS5.ULTRADNS.INFO
PDNS6.ULTRADNS.CO.UK
> nice!
>
> --
> Lucy E. Lynch Academic User Services
> Computing Center University of Oregon
> llynch @darkwing.uoregon.edu (541) 346-1774
>
> ---------- Forwarded message ----------
> Date: Thu, 23 Mar 2006 12:37:24 -0800
> From: David Lundy <dlundy@pacific.edu>
> Reply-To: UNIversity Security Operations Group <unisog@lists.sans.org>
> To: unisog@lists.sans.org
> Subject: Re: [unisog] Problems with EDU.COM domain
>
> It looks like a wild card. Things like zzz.edu.com resolve.
>
> David Lundy
> Acting IT Security Officer
> University of the Pacific
>
> >>> YorkJ@brcc.edu 03/23/06 11:09 AM >>>
> Wow, even lowly community colleges are listed in the phishing sites
> edu.com. They must have copied the entire .edu domain. I just called
> Educause (.edu registrar) to let them know about it--the lady I talked
> to hadn't seen it yet, but promised to send the info to their
> management.
> Thanks
> John
>
> John York
> Network Engineer
> Blue Ridge Community College
>
>
> _______________________________________________
> unisog mailing list
> unisog@lists.sans.org
> http://www.dshield.org/mailman/listinfo/unisog
> _______________________________________________
> unisog mailing list
> unisog@lists.sans.org
> http://www.dshield.org/mailman/listinfo/unisog
>
--
Suresh Ramasubramanian (ops.lists@gmail.com)
