[Mimedefang] Let the Fishing begin

[John Halewood]

David F. Skoll scribbled:
> Ben Kamen <bkamen at benjammin.net> wrote:
> 
> > Has anyone else seen an increase since the breach?
> 
> Not really.  But interestingly, I've seen a few emails to my theoretically
> secret former LinkedIn address.  These are in my logs from before
> the breach was disclosed... could it be that the breach actually happened
> a month ago?

Be about right. If it wasn't a script kiddie attack, I wouldn't be surprised if whoever carried it out spent a couple of weeks trying to sell the data around the darker sides of the internet, and then either pasted it as proof for someone or decided that, having got paid,  everyone else could have a go.
Once the email addresses are known, they spread like wildfire and never seem to get removed. One firm I look after had its entire address book lifted 6-7 years ago, and I still catch several thousand spams to those addresses each day, despite the fact that
1) they were bought out a few years back and only use the domain name for legacy purposes and
2) Most of the accounts are inactive due to (1).
Strangely enough they get very little spam to their new domain name, which might be something to do with having tightened up their internet presence a fair bit (when your primary mail server is a SCO unix box running SMTP/POP3 and directly connected to the internet it's just asking for trouble).

Regards
John