[SCA-BMDL] Recent email compromises
Rob MacLachlan
ram at ri.cmu.edu
Sun Apr 8 18:48:52 EDT 2012
On 4/6/2012 8:28 PM, Wayne Canne wrote:
> Greetings,
> For the majority of you, this is a rehash of what you already know.
> For others, it may be just the "Oh, that's right. I knew that,"
> reminder that can prevent hours of annoyance.
> With a rash of recent emails compromised on numerous lists I am on, I
> think it is important to remind people of a few basic things. You can
> make your password much more secure by adding a capital letter and a
> number in them, instead of simply a group of letters. Also, please do
> not click on emails from people you know with a subject that are
> general or don't make sense. "Hey, check this out," "Look at this,"
> "Wow, I'm amazed at this," etc. are all examples of spam bot headers
> designed to make someone open the email.
> YIS
> Clewin Kupferhelbelinc
You should also know that in most cases, mail being sent in your name
does *not* mean that your account has been compromised. It is
straightforward to send email "From" anyone, including accounts that
don't even exist (god at heaven.org, etc.) Most often it means that
someone you know (or at least exchange email with) has had their PC
subverted by some malware which harvested their email address book and
then used those addresses as "From:" in order to encourage people to
open virus attachments.
Rob
More information about the Sca-bmdl
mailing list