[Web4lib] Phishing exploits in emails

Drew, Bill drewwe at MORRISVILLE.EDU
Wed Feb 7 18:19:50 EST 2007


 I am beginning to wonder if we as possibly more sophisticated web users
and managers need to make an effort to notify the owners of websites
about such exploits originating from their webserver?  I think I will do
that when I can.

Bill Drew
drewwe at morrisville.edu

-----Original Message-----
From: Micah Stevens [mailto:micah at raincross-tech.com] 
Sent: Wednesday, February 07, 2007 6:06 PM
To: Drew, Bill
Cc: Web4lib at webjunction.org
Subject: Re: [Web4lib] Phishing exploits in emails

Sounds like their webserver was just hacked and that sub-folder was used

to hold an add. This has happened to a couple of my clients from time to

time. I'm always amazed how people insist on using logins like 'web' 
with a password of 'web' for their site FTP. One time I was called 
because a client had found some really offensive porn on their site and 
couldn't understand how it got there.

If admins don't keep track of their site and don't use secure password 
techniques, this type of thing will remain prevalent.

-Micah


More information about the Web4lib mailing list