Follow Us

We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Oxford University blocks Google Docs as phishing attacks soar

Defending the emeritus professors

Article comments

Oxford University has taken the radical step of temporarily blocking access to Google Docs after a dramatic increase in phishing attacks trying to harvest academic email credentials using bogus forms hosted on the service.

On Monday the University’s IT team it said it dealt with a clutch of account compromises in the space of a few days, almost all using Google Docs to host fake helpdesk alerts.

Unable to get Google to remove the pages quickly enough, and with spammers hijacking legitimate University domain accounts to send spam, the IT department decided to pull the plug for several hours while it considered what technical counter-measures it might deploy.

The attacks had succeeded because a small minority of students and academics were being duped by phishing gangs in the face of the University’s attempts to educate its users on the issue.

“We considered these to be exceptional circumstances,” said Robin Stevens of OxCERT, the University’s network security team, in a blog post.

“Now we may be home to some of the brightest minds in the nation. Unfortunately, their expertise in their chosen academic field does not necessarily make them an expert in dealing with such mundane matters as emails purporting to be from their IT department,” he wrote.

As well as affecting the hijacked accounts of users, allowing spam to flow from the University’s domain risked it being blacklisted by spam filters, he said.

While apologising for disrupting the access of its user base temporarily, Stevens did not rule out taking similar action in the future.

The core problem experienced by Stevens’ department could be the response times of Google. These had improved, Stevens said, but the search giant needed to react within hours in some cases.

The University has had a problem with spam for some time, in August 2011 estimating that the time it took to clean up a single hijacked account could consume one staff member's resources for three working days.

At that time it had dealt with 20 spam account incidents in two months, it said.

In May 2012 Oxford University was also badly affected by the Mac Flashback Trojan that infected approaching 1,000 of its Mac-loving academic population.



More from Techworld

More relevant IT news


Send to a friend

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Choose – and Choose Wisely – the Right MSP for Your SMB

End users need a technology partner that provides transparency, enables productivity, delivers...

Download Whitepaper

10 Effective Habits of Indispensable IT Departments

It’s no secret that responsibilities are growing while budgets continue to shrink. Download this...

Download Whitepaper

Gartner Magic Quadrant for Enterprise Information Archiving

Enterprise information archiving is contributing to organisational needs for e-discovery and...

Download Whitepaper

Advancing the state of virtualised backups

Dell Software’s vRanger is a veteran of the virtualisation specific backup market. It was the...

Download Whitepaper

Techworld UK - Technology - Business

Innovation, productivity, agility and profit

Watch this on demand webinar which explores IT innovation, managed print services and business agility.

Techworld Mobile Site

Access Techworld's content on the move

Get the latest news, product reviews and downloads on your mobile device with Techworld's mobile site.

Find out more...

From Wow to How : Making mobile and cloud work for you

On demand Biztech Briefing - Learn how to effectively deliver mobile work styles and cloud services together.

Watch now...

Site Map

* *