Why there's a bunch of spam from university webmail systems right now
April 9, 2008
You may have noticed that as of late there's a bunch of spam (usually advance fee fraud spam) coming from various university webmail systems. (When it has real IP origin information, it is often from the usual suspects.)
Until now, I thought that this was because spammers had worked out how to compromise webmail systems. It turns out that it is worse than that; phishers are specifically targeting universities. And these are not your run of the mill ordinary phish attacks, where you get email about your account at a bank you don't use in a country you don't live in. I'll quote (with permission) from Alex Nishri:
Compromised accounts have been used for spam, and also probably have been resold for things like access to our library system's university-only online collection. The attacks have been very successful; such a phish message might go to 2000 people, and about 20 to 30 reply.
(I don't know about you, but a 1% success rate scares the heck out of me.)
There's a bunch of unpleasant implications of this. For me, the biggest one is that spammers have clearly determined that there is money to be made in these particular hills. (Actual money generally makes spammers especially ingenious and tenacious.)
Written on 09 April 2008.
* * *
Atom feeds are available; see the bottom of most pages.