23rd January
latest news: Anna's sweet and sticky pork buns

latest news

App Challenge Logo

Photo Diary app wins York prize

Friday, 20th January 2012

A group of York students has won the opportunity to have their very own I-phone application developed after winning The App Challenge final, held at the Ron Cooke Hub on Wednesday, January 18.

computer

Students warned about loans scam

Thursday, 19th January 2012

YUSU Welfare officer Bob Hughes has warned students to be vigilant after a student loans phishing scam has been revealed.

Her Most Gracious Majesty

Queen Comes to York

Wednesday, 18th January 2012

Her Majesty the Queen will be visiting York on Maundy Thursday, 5th April, as part of the 800th anniversary of York’s Charter for the traditional “Royal Maundy” ceremony.

Berrick Saul

Flooding Triggers Network Outage On Eve Of Exams

Saturday, 14th January 2012

A flood caused by a heating system “failure” forced the university IT services to shut down many essential systems on Sunday night, causing problems for many students on the eve of their exams and assignment due-dates.

more news

Red Phone
King's Manor
Aimee and Kevin the Cow
Bomb Disposal Unit
Central Hall & North side of the lake
King's Manor
The Yorker Logo
christmas
Central Hall & North side of the lake

Spam e-mail raises concerns

keyboard computer
Inboxes at risk
Saturday, 10th May 2008
A spam e-mail sent to York students has raised concerns about the privacy of university-provided accounts.

On Monday, 5th May, Proof-Reading-Service.org contacted students via their university e-mail account, offering to proofread their "reports, essays, dissertations and PhD theses" at a rate of £6.95 per thousand words.

Approximately 70% of valid YorkMail accounts received the e-mail, amounting to 14,300 messages.

Quote Such services undermine academic achievement and progression Quote
Anne-Marie Canning, YUSU President

Anne-Marie Canning, YUSU President, warned students to be "wary of the e-mail and delete it straight away".

Canning added that “such services undermine academic achievement and progression”, noting that "there are no guarantees that this company are even able to proof read well".

Computing Services have assured The Yorker that the university’s data protection system has not been breached and that no mailing list exists which contains all staff and/or student e-mail addresses.

Proof-Reading-Service.org have admitted to using an American third party to promote their services via e-mail, and have apologised for any inconvenience caused.

The company has received a number of complaints about the spam sent on their behalf.

They claim that their advertisers sent out e-mails on a much wider scale than was anticipated, without authorisation.

The Message Lab's virus and spam filtering service that the University of York subscribes to blocks 98% of spam intended to reach university accounts.

Computing Services advise students to install good quality anti-virus software and consider installing anti-spyware or phishing software in order to deal with spam and ensure safe computing use.

Check out The Yorker's Twitter account for all the latest news Go to The Yorker's Fan Page on Facebook
#1 Chris Northwood
Sat, 10th May 2008 7:14pm

I guess that it's not too hard to figure what all the York e-mail addresses are, something along the lines of spamming all the e-mail addresses of the form [a-z]{2,4}[0-9]{2,3}@york.ac.uk (that is, any combination of letters followed by numbers) will probably hit most people.

One of the major anti-virus/spyware/spam companies is currently running an anti-spam campaign: http://www.sophos.com/security/blog/2008/05/1364.html

#2
Sat, 10th May 2008 8:00pm

Not too hard now you've given the formula, no!

#3 Susie Plummer
Sun, 11th May 2008 4:55pm

It's fine...its the wrong formula!!

#4 Alan Jenkins
Tue, 13th May 2008 8:13pm
  • Tue, 13th May 2008 8:14pm - Edited by the author
  • Wed, 14th May 2008 1:34am - Edited by a moderator (less)

But there is a rather more accurate way.

That gave me a list of about 12000 genuine usernames - quite a catch for a spammer. It'd be nice if they could prevent this somehow.

Clarification: this only works if you're already a York user.

#5 Chris Northwood
Tue, 13th May 2008 8:53pm

Hmm, that is quite worrying. Should be fairly trivial to run the sftpd in a chroot.

Add Comment

You must log in to submit a comment.