Anyone seen a phishing attack using a cached version of your own e-mail login page? We just received one this morning that seemed to be using a compromised apache server (signsoflifemissions.org) and using a mod_rewrite command to call our login page.
Here's how the URL was crafted: http://signsoflifemissions.org/cache/mail.our.edu/mail.our.htm
Supervisor of Network Technology
Mt. San Jacinto College