One major issue we've been having lately is with phishing emails being targeted at us. They're being sent to us from hacked accounts at other educational institutes. The message usually is about "Your EDU webmail account is expiring. Please send us your username and password to fix it." We've had some users fall for it, then their Exchange account gets turned into a spam machine (sending out usual junk spam as well as the original phishing message.) Because they are coming from legitimate sites, it's been very difficult to block these messages. I've been trying to write phrase rules with common words used in the message, but whoever's responsible for this is continually changing the message to prevent you from being able to catch them with phrase rules. Any thoughts?
Thomas E. Casartello, Jr. Staff Assistant - Wireless Technician/Linux Administrator Information Technology Wilson 105A Westfield State College (413) 572-8245 Red Hat Certified Technician (RHCT)
smime.p7s
Description: S/MIME cryptographic signature