[Web4lib] Phishing exploits in emails
Drew, Bill
drewwe at MORRISVILLE.EDU
Wed Feb 7 18:19:50 EST 2007
I am beginning to wonder if we as possibly more sophisticated web users
and managers need to make an effort to notify the owners of websites
about such exploits originating from their webserver? I think I will do
that when I can.
Bill Drew
drewwe at morrisville.edu
-----Original Message-----
From: Micah Stevens [mailto:micah at raincross-tech.com]
Sent: Wednesday, February 07, 2007 6:06 PM
To: Drew, Bill
Cc: Web4lib at webjunction.org
Subject: Re: [Web4lib] Phishing exploits in emails
Sounds like their webserver was just hacked and that sub-folder was used
to hold an add. This has happened to a couple of my clients from time to
time. I'm always amazed how people insist on using logins like 'web'
with a password of 'web' for their site FTP. One time I was called
because a client had found some really offensive porn on their site and
couldn't understand how it got there.
If admins don't keep track of their site and don't use secure password
techniques, this type of thing will remain prevalent.
-Micah
More information about the Web4lib
mailing list