[prev in list] [next in list] [prev in thread] [next in thread] 

List:       pauldotcom
Subject:    [Pauldotcom] Hyperlink Spam
From:       craigfreyman () gmail ! com (Craig Freyman)
Date:       2011-04-09 1:45:45
Message-ID: BANLkTindg=u+1R-rZY8mYDn35RceW1nS4w () mail ! gmail ! com
[Download RAW message or body]

I'm sure everyone has seen this at some point. You get a spoofed message
from one of your contacts with only a single hyperlink in it. Obviously a
spam/phishing email.

I just got one and looked at the headers expecting to see it come from some
poor saps home PC. It actually came from the real AOL mail servers and
not someones compromised home PC. I've seen this from MSN, Hotmail and AOL
accounts. Does anyone know how this happens? Is it some sort of XSS vuln
that is able to harvest an address book and send out messages in these free
email web interfaces? Possibly a malicious rolling advertisement that hits
these sites and simply getting into your email pwns you? I know there are a
million possibilities but was wondering if anyone knew for sure.

-C
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20110408/11f45f6e/attachment.htm>

[prev in list] [next in list] [prev in thread] [next in thread]