I also wonder why so many phishing emails are getting through the university spam filters - a slightly better solution might of been to remove links in external emails that point to docs.google.com.
But anyway, I don't want to start slagging off a particular team that I've never met - maybe they wanted to do all sorts of other, smarter, things and weren't allowed, and maybe they'll be allowed to do them now..
I can believe it, I just don't know why it's not been customised to react to links to docs.google.com if it's such a high volume issue.
It's not a trivial problem by any means, but from the network security team's blog it doesn't seem like they've taken many of the steps that I'd expect prior to cutting off a very high traffic website.
There's the nice clever intelligent solution which could be developed over a few weeks, or there's the fact that the phishers have decided -- for whatever reason -- to go apeshit today.
True, but in this case it seems like it's not a particularly new problem, just something that they've finally reacted to?
They actually mention sinkholing spreadsheets.google.com in this post from August 2011 [1], they actually say "There are also some forms which are more difficult to block ( I don’t think we’d be too popular if we sink-holed spreadsheets.google.com for example)".
But anyway, I don't want to start slagging off a particular team that I've never met - maybe they wanted to do all sorts of other, smarter, things and weren't allowed, and maybe they'll be allowed to do them now..