[Mimedefang] [OT?] Random Word Spam
Michael D. Sofka
sofkam at rpi.edu
Thu Feb 9 14:24:18 EST 2012
WBrown at e1b.org wrote:
> Michael wrote on 02/09/2012 12:20:46 PM:
>
>> We had a compromised account doing this last weekend! CanIt caught a
>> few of the outgoing messages, and I soon blocked the account. The email
>
>> were initially all going to a single gmail and a single ebay account.
>> Later messages (all blocked) branched out to hotmail, and a few others.
>>
>> No idea what is up with this? I am curious, is there a reason the
>> customer might be harassed in this way?
>
> I suspect that the customer wasn't being harassed per se. My experience
> as recipient from several hacked accounts has been that some compromised
> accounts are only used to send to contacts in the address book. Perhaps
> this user only had the two entries. Of course they can also send to
> external lists of addresses as you've seen.
But the messages and subject were literally (as in literally) random
strings of words. There were no email addresses or links that could be
used to sell any product. I could see no purpose in the outgoing
messages except to harass the recipients.
> Having the user change their password is usually enough to shut down the
> abuse.
>
Yes, our compromised account had the password changed. But this does
not help the recipient of the messages.
Mike
--
Michael D. Sofka sofkam at rpi.edu
C&MT Sr. Systems Programmer, Email, HPC, TeX, Epistemology
Rensselaer Polytechnic Institute, Troy, NY. http://www.rpi.edu/~sofkam/
More information about the MIMEDefang
mailing list