Spammers Prefer Compromised Accounts To Botnets
Orome1 writes "Spammers today favor compromised accounts for sending spam, gradually shifting distribution away from botnets, according to Commtouch. The changed tactic has emerged as spam levels dropped dramatically, following several high-profile botnet takedowns. Spammers are now using a combination of malware and phishing to compromise legitimate accounts and then using these accounts to send low-volume spam outbreaks."
I believe it. (Score:2)
Even with the small amount of email accounts on my mail server (~6000) I'm having to deal with 1-2 of these compromised accounts a week on average. Most of the time they use squirrelmail to send out the spam.
Same issue on the web hosting side (Score:2)
Since customers can create email accounts for other users it was a must that we run an outbound spam filter. It's picked-up on some servers, substantially. Luckily none of it sees the light of day, but the processing power required to send/receive email gets spiky.
Funny enough it tends to be the smaller accounts causing the most problems. Larger hosting packages tend to come with in-house support on the client side, and they create smarter passwords and smarter users :)
-Matt
Re: (Score:3)
It was funny to get an email from an ex girlfriend to whom I have not spoken in years advertising black market pharmaceutics, a subject with which she was intimately familiar...
Re: (Score:2)
This encouraged me to begin changing all my passwords.
Re: (Score:2)
Re: (Score:1)
Actually, Hotmail tried this for a while.
It failed horribly. A lot of legitimate users' accounts got lost in the shuffle. And since the only way to log in and get your account unblocked was either (a) go to a super secret forum that they didn't even list on the "get my account back" page or (b) give them your phone number to validate via SMS (never mind that a good number of people still don't do SMS messages or want to give Microsoft their phone number), what they wound up instead was a "throwing out the ba
Re: (Score:2)
TW said it was likely a password compromise, & changed the pw for the account.
Re: (Score:2)
lower overhead? (Score:2)
Botnet rental is still an expense....
Re: (Score:2)
That's all fine and dandy, and yes a lot of people have a cell phone these days, but there are still hundreds of millions without them and others that don't have this option on their email service.
Re: (Score:2)
It is actually a lot more likely that people just have a cell phone and no computer.
In Africa for example, many have a simple "smart" phone and no access to a computer.
Re: (Score:2)
That would drive me nuts.
Re: (Score:2)
It's more of a cookie though, isn't it? Nothing to do with a setting on Gmail's servers.
Re: (Score:2)
If it were to drive you nuts, you would start the squirrelmail problem anew...
Re: (Score:2)
not free to me and many others not paying the text message extortion... yet.
Taking advantage of trust (Score:3)
Re: (Score:2)
Re: (Score:2)
Hotmail used to be a serious problem because of the amount of spam coming from there, it was too big of a domain for most folks to block, but there was a significant amount of spam originating there. That seems to have changed in recent years though.
Re: (Score:2)
With a compromised account you don't have to deal with AV or the person reinstalling or just plain leaving his computer off. However, I can't but imagine that botnets would be the prime way to mine for those accounts.
Re: (Score:2)
Where's the link?!!?!?!!one
"low-volume spam outbreaks" (Score:2)
That sounds like an oxymoron.
Woot! (Score:1)
90,000 email addresses later, and now major.payne@usmc.mil is offering Viagra at a discount!
That's because of reputation (Score:3, Insightful)
iam borrowing this account (Score:3)
Can I interest anyone in a set of steak knives and viagra? www.steaknivesandviagra.com for best price, leading customer support and free shipping to you.
Re: (Score:2)
Is that combination endorsed by John and Lorena Bobbitt?
Re: (Score:2)
No, but it is endorsed by Anthony Weiner.
Unblockable servers (Score:2)
Re: (Score:2)
shouldn't block gmail/yahoo/hotmail or other big mail servers.
It's useful to have a penalty in your spam filter for free email services. Google's inbound spam filtering is good. Outbound spam filtering, not so much.
Related to this, the use of free hosting services as spam targets continues. Google spreadsheets, of all things, are widely used to support phishing scams. Here's a "Microsoft Webmail Activation Form" embedded in a Google spreadsheet. [phishtank.com] Because the related phishing emails contain a Google URL, they tend not to be tagged as spam by spam filters. The strange
Surprised it took so long (Score:2)
I predicted spammers would shift to using stolen login credentials way back in 2005 [hyperborea.org].
Thank you, LulzSec (Score:2)
Thanks for releasing stolen passwords for 62000 email accounts. Spammers must be very happy now.
So, Private Botnets != Botnets???? (Score:2)
So, they are making their own botnets, rather than leasing one from some Russian or Chinese hacking group.
6 of one, 0.5 dozen of another....
Re: (Score:1)
No, it's not a botnet, it's nothing like a botnet. RTFA
This needs to be addressed by the mail hosts (Score:2)
I already had my Hotmail account somehow compromised this year. It sent an email to everyone in my contact list alphabetically. I wish I could set a pin for emails with more than 5 recipients in less than 30 minutes. And that watched for unusual volumes of outgoing mail to alert another email address.
Obviously these settings would be pin accessible to ensure the compromised account didn't go crazy.
I wouldn't even mind a separate highly irregular password for IMAP or POP3 access.
This *shouldn't* be a p
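The throttle the comment above asks for (more than 5 recipients in less than 30 minutes) amounts to a sliding-window count of distinct recipients per authenticated sender. The sketch below is an added example, not part of the original comment or any mail host's code; `flag_bursts`, `_series` and every account and address in the sample events are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FMT = "%Y-%m-%d %H:%M:%S"
WINDOW = timedelta(minutes=30)  # "in less than 30 minutes"
MAX_RECIPIENTS = 5              # "more than 5 recipients"

def _series(sender, start, step_min, rcpts):
    """Build constructed (timestamp, sender, recipient) events."""
    t0 = datetime.strptime(start, FMT)
    return [((t0 + timedelta(minutes=i * step_min)).strftime(FMT), sender, r)
            for i, r in enumerate(rcpts)]

# Constructed sample data; all accounts and addresses are made up.
EVENTS = (
    # Hijacked account walking a contact list alphabetically, one per minute.
    _series("carol@example.org", "2011-07-01 09:00:00", 1,
            [f"{n}@example.net" for n in
             ("aaron", "beth", "chen", "dana", "eli", "fay", "gus")])
    # Busy but legitimate: six different recipients, 25 minutes apart.
    + _series("dave@example.org", "2011-07-01 09:00:00", 25,
              [f"client{i}@example.com" for i in range(6)])
    # Chatty thread: six messages, but only two distinct recipients.
    + _series("erin@example.org", "2011-07-01 09:00:00", 2,
              ["x@example.net", "y@example.net"] * 3)
)

def flag_bursts(events, window=WINDOW, limit=MAX_RECIPIENTS):
    """Map each offending sender to the timestamp at which its distinct
    recipients inside the trailing window first exceeded the limit."""
    recent = defaultdict(deque)  # sender -> (time, recipient), oldest first
    flagged = {}
    for ts, sender, rcpt in sorted(events):
        now = datetime.strptime(ts, FMT)
        q = recent[sender]
        q.append((now, rcpt.lower()))
        while now - q[0][0] >= window:  # expire events outside the window
            q.popleft()
        if sender not in flagged and len({r for _, r in q}) > limit:
            flagged[sender] = ts  # a real filter would hold mail and alert here
    return flagged

if __name__ == "__main__":
    for sender, ts in flag_bursts(EVENTS).items():
        print(f"{ts} HOLD {sender}: recipient burst")
```

Counting distinct recipients rather than messages keeps a long two-person thread from tripping the limit, while the alphabetical contact-list blast is caught on its sixth recipient.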
Figures (Score:1)
Why you need to report your spam (Score:1)
This is why you need to scrub your email address from the spam and forward the scrubbed mail to the abuse@ address for the address that spammed you. I've gotten numerous accounts closed by ISPs this way. If you don't want to do it manually (which can be an endless tedium) you can use a free service such as spamcop.net which scrubs your identifying info from the spam, forwards it to abuse@, and proxies the replies back to the address you have registered with them.
Also, when you "report" spam in gmail you ar
Yup. (Score:3)
In the last year I've gotten spam from accounts belonging to nearly a dozen people I personally know--nearly a dozen hotmail, yahoo, and gmail accounts compromised. Including one of my own. Strong passwords, everyone! Letters, numbers, punctuation. Even something like "Help?1234" is infinitely* better than a dictionary word or common name. Grouping characters by type makes it easier to remember and makes it easier to work with on soft keyboards on mobile devices--letter letter letter letter, shift to "numbers and punctuation" mode, number number number number.
My biggest problem now (not with spam, but with passwords in general) is financial institutions that restrict you to letters and numbers so you can punch them in on a phone keypad.
* more or less
Re: (Score:2)
What gets me is that the treasury has super strong protections in pretty much all areas of their account management, but then uses secret questions in order to remove locks and all that. Which kind of ruins the security features that they've been using.
On top of that, it's very possible to get locked out of your account permanently due to them being unwilling to shoulder any responsibility when it comes to unlocking the account. So, if you don't have a statement on hand to show your financial institution, t