Security Insights

Many University Websites Used For Spam

Many University Websites Used For Spam
In January, I wrote about many high profile websites, mostly universities, that were hijacked to redirect to fake stores. Many have since been cleaned up, but a few of these University websites are still redirecting users to new fake stores (,,,,,,, etc.)

In the past 2 weeks, I've seen a significant amount of spam hosted on University websites. Spammers seem to be using compromised user accounts on wiki-like services to upload spam for Viagra, banking loans, online casinos, etc.

Fake pharmacy page hosted on the UCSF website
The list of Universities hosting such spam include:
  • MIT (hxxp://
  • Cornell (hxxps://
  • UCSF (hxxp://
  • University of Pennsylvania (hxxp://
  • University of Massachusetts (hxxp://
  • Colorado State (hxxp://
  • Oregon State (hxxp://
  • OSU (hxxps://, down)
  • WUSTL (hxxp://
  • Eastern University (hxxp://
  • University of Washington (hxxp://
  • Oklahoma State (hxxp://
  • Tufts University (hxxps://
  • National University of Singapore (hxxp://
  • and many others
There are thousands of these spam pages. They are used mainly in e-mail spam campaigns, hidden by a URL shortener.

The university and the fraternity I attended are amongst the victims as well: hxxp://, hxxp://

University websites are becoming a preferred vector for different types of spam. The vast number of sub-domains, each of them likely managed by a different group which may not have professional IT/Security skills, make them an easy target.

-- Julien

Get the latest Zscaler blog updates in your inbox

Subscription confirmed. More of the latest from Zscaler, coming your way soon!

By submitting the form, you are agreeing to our privacy policy.