[89528] in North American Network Operators' Group
Re: New depths in phishing
daemon@ATHENA.MIT.EDU (Lucy E. Lynch)
Fri Mar 24 10:04:38 2006
Date: Fri, 24 Mar 2006 07:03:04 -0800 (PST)
From: "Lucy E. Lynch" <llynch@darkwing.uoregon.edu>
To: Suresh Ramasubramanian <ops.lists@gmail.com>
Cc: nanog@merit.edu
In-Reply-To: <bb0e440a0603240658k4b998854p291b3eea9e965534@mail.gmail.com>
Errors-To: owner-nanog@merit.edu
On Fri, 24 Mar 2006, Suresh Ramasubramanian wrote:
> On 3/24/06, Lucy E. Lynch <llynch@darkwing.uoregon.edu> wrote:
>>
>> edu skimming - try http://umich.edu.com/
>>
>
> edu.com is quite old as far as domains go... but its not really a
> phisher as far as i can see - its a purveyor of "online diplomas" from
> assorted universities, and some obvious diploma mills (including
> those of the spamming variety, such as the University of Phoenix)
and collecting information from students interested in enrolling
at umich...
> www.imamoron.edu.com works as well .. by the way
>
>
> Registrant:
> Vantage Media Corporation
> 1350 Abbot Kinney Blvd #203
> Venice, California 90291
> United States
>
> Registered through: GoDaddy.com
> Domain Name: EDU.COM
> Created on: 24-Nov-98
> Expires on: 23-Nov-10
> Last Updated on: 14-Jun-05
>
> Administrative Contact:
> Administrator, Domain domainadmin@vantagemedia.com
> Vantage Media Corporation
> 1350 Abbot Kinney Blvd #203
> Venice, California 90291
> United States
> 3104823737 Fax --
>
> Technical Contact:
> Administrator, Domain domainadmin@vantagemedia.com
> Vantage Media Corporation
> 1350 Abbot Kinney Blvd #203
> Venice, California 90291
> United States
> 3104823737 Fax --
>
> Domain servers in listed order:
> PDNS1.ULTRADNS.NET
> PDNS2.ULTRADNS.NET
> PDNS3.ULTRADNS.ORG
> PDNS4.ULTRADNS.ORG
> PDNS5.ULTRADNS.INFO
> PDNS6.ULTRADNS.CO.UK
>
>
>> nice!
>>
>> --
>> Lucy E. Lynch Academic User Services
>> Computing Center University of Oregon
>> llynch @darkwing.uoregon.edu (541) 346-1774
>>
>> ---------- Forwarded message ----------
>> Date: Thu, 23 Mar 2006 12:37:24 -0800
>> From: David Lundy <dlundy@pacific.edu>
>> Reply-To: UNIversity Security Operations Group <unisog@lists.sans.org>
>> To: unisog@lists.sans.org
>> Subject: Re: [unisog] Problems with EDU.COM domain
>>
>> It looks like a wild card. Things like zzz.edu.com resolve.
>>
>> David Lundy
>> Acting IT Security Officer
>> University of the Pacific
>>
>>>>> YorkJ@brcc.edu 03/23/06 11:09 AM >>>
>> Wow, even lowly community colleges are listed in the phishing sites
>> edu.com. They must have copied the entire .edu domain. I just called
>> Educause (.edu registrar) to let them know about it--the lady I talked
>> to hadn't seen it yet, but promised to send the info to their
>> management.
>> Thanks
>> John
>>
>> John York
>> Network Engineer
>> Blue Ridge Community College
>>
>>
>> _______________________________________________
>> unisog mailing list
>> unisog@lists.sans.org
>> http://www.dshield.org/mailman/listinfo/unisog
>> _______________________________________________
>> unisog mailing list
>> unisog@lists.sans.org
>> http://www.dshield.org/mailman/listinfo/unisog
>>
>
>
> --
> Suresh Ramasubramanian (ops.lists@gmail.com)
>
--
Lucy E. Lynch Academic User Services
Computing Center University of Oregon
llynch @darkwing.uoregon.edu (541) 346-1774
