[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ubuntu-users
Subject:    Yahoo junk email
From:       mrzenwiz () gmail ! com (MR ZenWiz)
Date:       2013-02-26 22:22:41
Message-ID: CAMiffnh6o=tL97vzPvEmGaBZdRWPW-i-g1obQLJBs1iCZcSZ9g () mail ! gmail ! com
[Download RAW message or body]

On Tue, Feb 26, 2013 at 10:57 AM, Rashkae <ubuntu at tigershaunt.com> wrote:
> On 02/26/2013 01:40 PM, MR ZenWiz wrote:
>
>> This has been going on for 4-5 years, not just days.
>>
>
> Trust me, there's a new batch of compromised accounts of the past few days
> that utterly dwarfs any of the previous yahoo security failures.
>
> I usually see 1 or 2 of my clients with compromised web mails per year.  But
> almost all the yahoo ones are now hit in a matter of days.
> One of them didn't even know she had webmail.  Her computer was set up with
> Thunderbird (pop) and that's the only way e-mail was ever accessed... so
> that rules out the usual cross site XSS exploit most people are assuming
> this is.
>
I don't disagree with or disbelieve you.

I've seen these come in waves, and they've been going on for a long
time.  Some waves are more effective than others.  I've yet to see my
yahoo email spoofed, although one of my gmail eaddresses has been once
or twice, but the waves subside and reemerge over time.  AOL was the
first to get hit (and they still do), then hotmail, then yahoo, then
(more recently) gmail though to a lesser extent.

As long as we have security holes on the web, we'll see this sort of
thing.  IOW, probably forever.

Cheers.

MR


[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic