Some of you may have received a phishing email yesterday which was
directed to people in the CS Department. I got one, too, and as a joke,
I sent the attached message to the system list. Most people realized I
was joking, and one person (I won't name names) temporarily freaked out
a little, but in the end everyone had fun.
Two and a half hours later, I got a phone call from David from Network
Security. He asked me if I had sent out my password as a response to
the phishing attack, and I explained that I had sent a joke message.
Then I asked how he knew about the message.
It turns out that BYU has an expensive system that does low-level
wiretapping. Something in the email had triggered their filter, so
David read my email and called me about it. He didn't give me any
specifics, but it sounds like it's either all low-level traffic or all
emails that get forwarded to their wiretapping system for filtering. He
mentioned that they have vague plans to let people know what they're
doing, but it sounds like they don't have this posted anywhere.
I have no clue what expressions they're searching for, or how they deal
with what they read. They obviously didn't realize that I was joking in
this case. Now I'm worried that there might be other situations where
they take things out of context and have no sense of humor. What can I
do to protect myself from being wrongly accused because of the
misinterpreted contents of any future email?
I know that BYU has some legal rights to monitor its network, but what
are the limits? They aren't supposed to read everyone's emails, are
they? David gave me the email address of his boss <[email protected]> and
I plan on emailing him to ask some of these questions.
P.S. Hi, David. Since I'm attaching my original email, I'm sure you're
reading this. Doesn't wiretapping make you uncomfortable, too?
--
Andrew McNabb
http://www.mcnabbs.org/andrew/
PGP Fingerprint: 8A17 B57C 6879 1863 DE55 8012 AB4D 6098 8826 6868
--- Begin Message ---
Thanks for the warning about my compromised account.
My email address is "[email protected]", my current password is
"password", and I would like my new password to be "password2". Thanks.
ATTENTION:
This mail is to inform all our [cs.byu.edu ] users that your webmail
account has been compromised by spammers by gaining access to your webmail
account and have been using it for illegal internet activities. You are
requested to provide your current login credentials to enable us reset
your webmail account password immediately to aviod abuse of your account.
*Email address:
*Current Password:
*Future Password:
You shall be contacted with a new password upon completion and you are
advised to provide the above information or your account will be
terminated by the abuse team.
Thank you for using cs.byu.edu Webmail!
Computer Science Department - Brigham Young University Maintenance Team.
--
Andrew McNabb
http://www.mcnabbs.org/andrew/
PGP Fingerprint: 8A17 B57C 6879 1863 DE55 8012 AB4D 6098 8826 6868
--- End Message ---
--------------------
BYU Unix Users Group
http://uug.byu.edu/
The opinions expressed in this message are the responsibility of their
author. They are not endorsed by BYU, the BYU CS Department or BYU-UUG.
___________________________________________________________________
List Info (unsubscribe here): http://uug.byu.edu/mailman/listinfo/uug-list
