As Microsoft has indicated, the Windows Internet Explorer 7 Installation and Availability update rollup will be released to WSUS installations at the next patch cycle, Feb. 12, 2008. This update, if approved, will upgrade XP/Server 2003 systems currently running IE 6 to IE 7. There has been some concern expressed that users of the ITNS supported WSUS server will be forcibly upgraded to IE 7 due to this update.
Currently, the ITNS ...
STEAM-CIRT would like to follow up on our original alert regarding the recent phishing scam by providing additional information regarding some of the variations of the initially reported email. Some of the variations we have witnesses or have been forwarded to us include the following:
"From: accountupgrade@purdue.edu
Date: January 21, 2008 11:51:34 PM GMT-05:00
To: undisclo10.5pt">"CUSTOMER CARE" [webmaster.purdue.edu@gmail.com]
Date: February 19, 2008 12:28:44 PM GMT-05:00
Subject: THE PURDUE WEBSITE (WebNews Email Account Update)
Return-Path: <webmaster.purdue.edu@gmail.com>
----------------------------------------------------------------------------------------------------------------------
This is a WebNews Email Account Update
Please see the bottom of this mailing on this information.
---------------------------------------------------------------------------------------------------------
THE PURDUE WEBSITE WISH TO INFORM YOU THAT WE HAVE SOME PROBLEMS
ABOUT EACH CUSTOMER ACCOUNT EMAIL. DUE TO ERROR CODE 334409. WE
DISCOVER THAT IN SOME FEW HOURS FROM NOW EACH CUSTOMER WILL NOT BE ABLE TO
ACCESS HIS OR HER EMAIL ACCOUNT SO YOU ARE REQUIRE TO SEND YOUR FULL
EMAIL ADDRESS AND PASSWORD FOR A NEW ACCOUNT UPDATE.
SO YOU HAVE TO SEND THIS INFORMATION IMMEDIATELY SO THAT WE WIL
UPDATE YOUR ACCOUNT AND YOU WILL STOP RECEIVING SPAM EMAILS YOU
ARE TO SEND US THE INFORMATION TO ENABLE US TO UPDATE YOUR
ACCOUNT AND YOU ARE TO SEND US THIS INFORMATION VIA
EMAIL:webmaster.purdue.edu@gmail.com
BELOW THE INFORMATION RQRUIRE FOR ACCOUT UPDATE
1)Full Email Address:
2)password:
3)age/country
4)date
5)First name/Last name.
©2008 Citrix online. All Rights Reserved. Under License by Purdue University"
"From: Purdue Admin [mailto:service@purdue.edu]
Sent: Tuesday, February 19, 2008 11:37 PM
To: undisclosed-recipients
Subject: Update Your Purdue Email
Verify and Update Your Purdue Email
Dear USM Email Owner,
This message is from Purdue messaging center to all Purdue email users.
We are currently upgrading our data base and e-mail center. We are deleting all unused Purdue emails. You are required to verify and update your email by confirming your email identity. This will prevent your emal from been closed during this exercise.In order to confirm you email indentity, you are to provide the following data'
CONFIRM YOUR EMAIL IDENTITY BELOW
First Name:...................
Last Name:...................
Email Username : ...............
Email Password : ................
Warning!!! Purdue email user that refuses to verify and subsequently update his or her email within Seven days of receiving this warning will lose his or her email permanently.
Thank you for using Purdue!
Warning Code:VX2G99AAJ
Thanks,
Purdue Admin
Copyright (c) 2008, Purdue University, all rights reserved."
"Subject: support@purdue.edu
Date: Wed, 20 Feb 2008 10:12:51 +0100
From: purdue.edu [info@purdue.edu]
Reply-To: deslala@jmail.co.za
Dear purdue.edu Webmail Subscriber,
To complete your purdue.edu Webmail account, you must reply to this email
immediately and enter your password here (*********)
Failure to do this will immediately render your email address
deactivated from our database.
You can also confirm your email address by logging into your
purdue.edu Webmail account at https://webmail.purdue.edu
Thank you for using purdue.edu!
THE purdue.edu TEAM
purdue.edu WEBMAIL SUPPORT
Confirm Your E-mail Address
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program."
"From: Purdue IT Admin [alert@purdue.edu]
Reply-To:
Date: Tue, 26 Feb 2008 16:42:44 -0500
Subject: Alert: Email Scam - Upgrade Your Mailbox
Dear Purdue Email User,
Purdue IT Webmail has been receiving complaints from our customers for unauthorised use of the Purdue Email. As a result we are making an extra security check on all of our Customers mailbox in order to protect their information from theft and fraud.
Due to this, you are requested to follow the provided steps and confirm your email details for the safety of your Purdue Email. You are to provide the following data;
First Name:...................
Last Name:...................
Email Username : ...............
Email Password : ................
However, Failure to do so may result in temporary email suspension. Please understand that this is a security measure intended to help protect you and your mailbox. We apologize for any inconvenience.
Thanks for your co-operation.
Purdue IT Fraud Prevention Unit
Purdue University"
"From: THE Purdue Webmail TEAM [mailto:purduemanagement@purdue.edu]
Sent: Wednesday, February 27, 2008 8:35 PM
Subject: Comfirm Your Purdue Webmail Account
Dear Purdue Webmail Subscriber,
To complete your Purdue Webmail account, you
must reply to this email immediately and enter
your password here (*********)
Failure to do this will immediately render your
email address deactivated from our database.
You can also confirm your email address by
logging into your Purdue Webmail account at
Thank you for using Purdue.net !
THE Purdue Webmail TEAM"
"Date: Thu, 28 Feb 2008 06:39:32 +0100
From: annekebroertjes@quicknet.nl
Reply-To: fred_jacke_90@live.com
Subject: Update YOUR PURDUE EMAIL EMAIL NOW .
Update YOUR PURDUE EMAIL EMAIL NOW .
Dear Purdue. Email Owner,
This message is from Purdue messaging center to all Purdue email
Email owners. We are currently upgrading our data base and
e-mail center. We are deleting all unused Purdue email
to create more space for new one.
To prevent your account from closing you will have to update it
below so that we will know that it's a present used account.
CONFIRM YOUR EMAIL BELOW
Email Username : .......... .....
EMAIL Password : ................
Date of Birth : .................
Country or Territory : ..........
Warning!!! Email owner that refuses to update his or her
Email,within Seven days of receiving this warning will lose his or her
Email permanently.
Thanks,
Purdue Team
PURDUE.EDu BETA"
"From: [Helpdesk@purdue.edu]
Reply-To: [serviceupgrade@hotmail.co.uk]
Date: Tue, 11 Mar 2008 08:21:11 +0100 (MET)
Subject: * * * * MAINTENANCE NOTICE * * * *
* * * * MAINTENANCE NOTICE * * * *
Dear Purdue Account Owner,
This message is from Purdue messaging center to all Purdue email account owners. On Wednesday, March 12th, 2008, from 6:00 PM until 9:00 PM, all Mailhub systems will undergo regularly scheduled maintenance. Access to your e-mail via the Webmail client will be unavailable for some time during this maintenance window. We are currently upgrading our data base and e-mail account center - see homepage. We are deleting all Purdue email account to create more space for new accounts.
To prevent your account from closing you will have to update it below so that we will know that it's a present used account.
***********************************************************
CONFIRM YOUR EMAIL IDENTITY BELOW
E-mail Username : ......... .....
E-mail Password : ...............
Date of Birth : ................
Country or Territory : .........
***********************************************************
At some point during this maintenance window, the following services will be unavailable:
Ability to access @purdue.edu e-mail stored on Mailhub servers.
Ability to access e-mail via Webmail (https://webmail.purdue.edu).
Purdue Electronic Directory Lookup and Edit.
(https://www.itap.purdue.edu/directory/)
Ability to log in via dial-up modem pools at 746-2244.
Email sent to mailing lists may be delayed.
Ability to read USENET newsgroups via news.purdue.edu.
Please note, Exchange users will not be affected by this maintenance.
E-mail sent to @purdue.edu addresses will be received and routed normally.
Warning!!! Account owner that refuses to update his or her account within
48 hours of receiving this warning will lose his or her account permanently.
Thank you for using Purdue!
Thanks,
Purdue Team"
New information will be added as it is discovered or reported; check back regularly.
...