[Coco] List member account compromised: (was: Hello)
John Musbach
johnmusbach1 at gmail.com
Mon Oct 22 11:17:24 EDT 2012
It should be noted that the fact that a email appeared to have been
sent by Paul does not necessarily mean his account was compromised. It
is very easy for malware to simply relay email with a legitimate email
address specified in the header's "From" field and that's all mailman
verifies before accepting email to the list.
On Mon, Oct 22, 2012 at 11:14 AM, John E. Malmberg <wb8tyw at qsl.net> wrote:
> It means that the list member's AOL account has been taken over by criminals
> and any links or attachments in e-mail from it are not safe.
>
> This issue has already been reported to AOL through their abuse address.
>
>
> If someone has an alternate way to contact Paul H, they should notify him of
> the problem in case AOL has not yet been able to contact him.
>
> It would be useful to know how the criminals obtained the password to help
> others avoid being caught.
>
>
> Because it was a list member's legitimate e-mail address that was taken
> over, and it was sent through the member's ISP, there is very little that
> the list administrator can do to preemptively filter out such spam before
> the first one makes it to the list.
>
>
> On the multiple mailing lists that I am on, this is at least the 5th case
> this year where a member's account password has been obtained by criminals,
> much higher than any year in the past.
>
> 1 Hotmail, 2 Yahoo, 1 Earthlink, and now 1 AOL user.
>
> In only one case, the person admitted falling for a password phishing e-mail
> to revalidate their account credentials.
>
> In the other cases, how the password was obtained has not been determined,
> which indicates that it could be from either malware installed on the
> system, or use of the password on an insecure WiFi connection or shared
> computer.
>
> I have seen the fake anti-virus malware install it self last year on PCs
> that were protected by up to date by major anti-virus products like they
> were not even there. So you can not depend on anti-virus to protect you
> from links.
>
> Regards,
> -John
>
>
> --
> Coco mailing list
> Coco at maltedmedia.com
> http://five.pairlist.net/mailman/listinfo/coco
--
Best Regards,
John Musbach
More information about the Coco
mailing list