Australia's Leading Computer Emergency Response Team

More phishing news
Date: 13 March 2008
Original URL: http://www.auscert.org.au/render.html?cid=7066&it=8959


Greetings all,

We saw another report of phishing emails targeting educational institutions this week. It is important to note that these phishing schemes are not just targeting educational institutions. The same techniques are being used extensively overseas as well. We believe these attacks are being used to send more spam. We received some interesting advice from another party on how they mitigated these attacks. They block the following email addresses from external sources:

    "webmaster@.*.DOMAIN"
    "postmaster@.*.DOMAIN"
    "root@.*.DOMAIN"
    "security@.*.DOMAIN"
    "abuse@.*.DOMAIN"
    "admin@.*.DOMAIN"
    "administrator@.*.DOMAIN"
    "service@.*.DOMAIN"
    "register@.*.DOMAIN"
    "online@.*.DOMAIN"
    "info@.*.DOMAIN"
    "support@.*.DOMAIN"
    "secure@.*.DOMAIN"
    "sec@.*.DOMAIN"
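
As an added illustration (not code from AusCERT or from the party quoted above), the sketch below applies the listed role addresses to mail arriving from external hosts, and compares the patterns as written with an anchored, dot-escaped form. The domain `example.edu`, the internal network ranges and all function names are assumptions, as is treating the listed patterns as unanchored regular expressions; how the original filter interprets them is not stated.

```python
import re
from ipaddress import ip_address, ip_network

# Assumed values, not from the bulletin: our own domain and internal relays.
DOMAIN = "example.edu"
INTERNAL_NETS = [ip_network("10.0.0.0/8"), ip_network("192.0.2.0/24")]

# Local parts taken from the list in the bulletin.
ROLE_LOCAL_PARTS = ["webmaster", "postmaster", "root", "security", "abuse",
                    "admin", "administrator", "service", "register", "online",
                    "info", "support", "secure", "sec"]


def as_written(local_part):
    """The listed pattern with DOMAIN substituted, used as an unanchored regex."""
    return re.compile(local_part + "@.*." + DOMAIN, re.IGNORECASE)


# Tightened form: anchored at both ends, literal dots, and the subdomain
# labels optional so the bare domain is covered as well.
STRICT = re.compile(
    r"^(?:%s)@(?:[a-z0-9-]+\.)*%s$"
    % ("|".join(re.escape(p) for p in ROLE_LOCAL_PARTS), re.escape(DOMAIN)),
    re.IGNORECASE,
)


def is_external(client_ip):
    """True when the connecting host is outside every internal range."""
    ip = ip_address(client_ip)
    return not any(ip in net for net in INTERNAL_NETS)


def should_block(client_ip, sender):
    """Block role addresses at our own domain only when they arrive from outside."""
    return is_external(client_ip) and STRICT.match(sender.strip()) is not None


if __name__ == "__main__":
    # Constructed samples: (connecting IP, envelope sender).
    samples = [("203.0.113.7", "support@example.edu"),
               ("203.0.113.7", "admin@mail.example.edu"),
               ("10.1.2.3", "support@example.edu"),
               ("203.0.113.7", "alice@example.edu")]
    for ip, sender in samples:
        print(ip, sender, "BLOCK" if should_block(ip, sender) else "accept")
```

Read as an unanchored regex, `admin@.*.DOMAIN` does not match `admin@example.edu` (the `.*.` needs at least one character before the domain) but does match `sysadmin@xexample.edu`, which is why the tightened form anchors the address and escapes the dots.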

This week Microsoft released four critical updates which affected the Office suites. It was reported that Excel documents which actively exploited one of the vulnerabilities were being spammed. We did not personally see any of these Excel files, so if you have been receiving any, please feel free to forward them to us.


Regards,


Zane