Abandoned free email accounts
Mark wrote in with an observation that abandoned free email accounts (such as those of hotmail, yahoo and the like) are being abused by spammers to send messages at a very slow rate to the contacts in those accounts.
As Mark noted himself, there's an obvious privacy issue if your contacts leak, and that some of the former users have not only abandoned the service, but actually assumed the service would have been terminated due to no activity on the account anymore.
If you have observed the same thing, we're interested in hearing from you.
But it might be a good idea to verify the status of your former mailboxes you have around the globe and make sure there's nothing left of them of value to you or your attackers before you do abandon them. Better yet, those really old ones, should we not delete them properly?
UPDATE:
A reader pointed out it might not always be easy for users to deleted unwanted accounts judging from the support fora at e.g. hotmail, and hence it would be quite understandable that they just abandon the accounts instead of cleaning them up properly.
UPDATE:
Andy, Andrew and others wrote in corroborating the story from experience with Yahoo, Gmail and Hotmail addresses that used to belong to friends and family starting to spam.Andy also noted another concern: the recipient might place more trust in known addresses from the past (think e.g. whitelisting in anti-spam filters and also might lead to trust in the person allowing for lesser guards in beign social engineered into a click or other form of trust.
A number of readers pointed out they have seen it happen on active accounts just as well as on the abandoned accounts. Some also pointed out it is very difficult to regain control of the account as the spammers changed the password they had on it.
An anonymous reader had lost control of his gmail account and didn't realize his address book got populated automatically due to sending and receiving email -even when just sending/receiving email from a smartphone without using the web interfaces-.
Carol also pointed out that loosing control of an account can be frustrating to allow one to regain control by the legitimate user.
--
Swa Frantzen -- Section 66
DLL hijacking - what are you doing ?
In response to the heavy publication in the press about the DLL hijacking vulnerabilities, Microsoft released a number of publications and even a tool of their own.
Judging from the comments on the article by Bojan and the difficulty in reading the instructions and the lack of a clear recommended value that stops the current ongoing attacks without breaking commonly used software packages, it's clear there is still some work ahead of us.
Not only do we need to understand it in detail and understand what we can block, but we need to test it all as well.
So, in a spirit of sharing how to make it work:
- What are you using as mitigation against the DLL hijacking vulnerabilities ?
- What did your tests with the different values and commonly used software packages (such as Microsoft Office) yield with the different values the tool supports ?
--
Swa Frantzen -- Section 66
Comments
Anonymous
Dec 3rd 2022
9 months ago
Anonymous
Dec 3rd 2022
9 months ago
<a hreaf="https://technolytical.com/">the social network</a> is described as follows because they respect your privacy and keep your data secure. The social networks are not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go.
<a hreaf="https://technolytical.com/">the social network</a> is not interested in collecting data about you. They don't care about what you're doing, or what you like. They don't want to know who you talk to, or where you go. The social networks only collect the minimum amount of information required for the service that they provide. Your personal information is kept private, and is never shared with other companies without your permission
Anonymous
Dec 26th 2022
8 months ago
Anonymous
Dec 26th 2022
8 months ago
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> nearest public toilet to me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
Anonymous
Dec 26th 2022
8 months ago
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> nearest public toilet to me</a>
<a hreaf="https://defineprogramming.com/the-public-bathroom-near-me-find-nearest-public-toilet/"> public bathroom near me</a>
Anonymous
Dec 26th 2022
8 months ago
Anonymous
Dec 26th 2022
8 months ago
https://defineprogramming.com/
Dec 26th 2022
8 months ago
distribute malware. Even if the URL listed on the ad shows a legitimate website, subsequent ad traffic can easily lead to a fake page. Different types of malware are distributed in this manner. I've seen IcedID (Bokbot), Gozi/ISFB, and various information stealers distributed through fake software websites that were provided through Google ad traffic. I submitted malicious files from this example to VirusTotal and found a low rate of detection, with some files not showing as malware at all. Additionally, domains associated with this infection frequently change. That might make it hard to detect.
https://clickercounter.org/
https://defineprogramming.com/
Dec 26th 2022
8 months ago
rthrth
Jan 2nd 2023
8 months ago