Community

No
Hammy says 'No Spam!'

Spammers attack SFU email

June 26, 2008

Document Tools

Print This Article

E-mail This Page

Font Size
S      M      L      XL

Related Links

Never give out your SFU computing password via e-mail regardless of how authentic the request may look.       

That’s the urgent message coming from SFU information technology (IT) services after a round of e-mail phishing attacks in mid-June successfully harvested SFU computing passwords and then used them to send spam around the world through SFU’s webmail system.

As a result, Microsoft’s Hotmail system blacklisted the sfu.ca URL, preventing delivery of 5,000 SFU e-mail messages to Hotmail accounts. Then, a few days later, further spam attacks caused the Barracuda spam-filtering system, used by SFU and organizations around the world, to blacklist all SFU e-mail.

"We were actually blacklisting ourselves," says Steve Hillman, SFU’s e-mail administrator, who spent a frantic few days trying to deal with the attacks from his cell phone in Calgary, where he and other SFU IT services staffers were attending a conference.

"It’s only recently that spammers have been targeting our webmail system to send spam," says Hillman. "It’s more difficult to fight than spam sent from a single machine because that volume of messages is abnormal and we have software and a security expert to deal with it. But the webmail system is sending messages all the time, so we can’t detect it. And we don’t filter our own webmail for spam because we don’t expect our users to be sending spam."

He says SFU IT services will never request passwords via e-email and cautions SFU e-mail users not to type their password into suspicious-looking websites that may be masquerading as an SFU log-in authentication page. "That’s the next avenue of attack," he says, and one that many banks have already experienced.

"Always look for sfu.ca in the address bar of any SFU authentication-page website," he cautions, since rogue websites posing as an SFU authentication page will not have sfu.ca at the beginning of the address line.
Search SFU News Online