Haha. Unfortunately I agree. Our CIO has sent out two or three emails to faculty and staff as well as students telling them to ignore these messages since they started arriving, but yet we've still had faculty and students who have given them away anyway.
-----Original Message----- From: Arvid Ephraim Picciani [mailto:a...@exys.org] Sent: Saturday, April 25, 2009 4:06 AM To: users@spamassassin.apache.org Subject: Re: Phishing Casartello, Thomas wrote: > The phish are coming from real hacked accounts (Basically people that have > gotten the phish email and fallen for it) at other Educational institutes > (We already use SPF). I'd go for a non technical solution here, since its effects only a small amount of organisations. Talk to the postmaster of the other organisations to track the source, make your users sensible to phishing attacks (seriously, somone thinking peter-foo-...@students.myuniversity.edu is an admin, should not be allowed to use a computer until proper training) Unfortunatly the amount of stupid people on universities seems to increase rapidly...
