Just got a call from somebody who uses Juno as their email
provider (yeah, I've tried to move them away from Juno in the
past... but they're not having any of it).
The situation is that people are receiving emails from that
person's Juno address and the people receiving the emails (on the
CC list) are all in that person's Juno address book.
Unencumbered by any real knowledge, I want to assume that
somehow, somebody harvested that person's Juno address book.
> Just got a call from somebody who uses Juno as their email
> provider (yeah, I've tried to move them away from Juno in the
> past... but they're not having any of it).
> The situation is that people are receiving emails from that
> person's Juno address and the people receiving the emails (on the
> CC list) are all in that person's Juno address book.
> Unencumbered by any real knowledge, I want to assume that
> somehow, somebody harvested that person's Juno address book.
> Are there other possibilities?
Sometimes one captured e-mail can provide scammers/spammers with what almost amounts to an address book. However, my feeling is that the webmail dohicky was compromised.
(PeteCresswell) wrote:
> Just got a call from somebody who uses Juno as their email
> provider (yeah, I've tried to move them away from Juno in the
> past... but they're not having any of it).
> The situation is that people are receiving emails from that
> person's Juno address and the people receiving the emails (on the
> CC list) are all in that person's Juno address book.
> Unencumbered by any real knowledge, I want to assume that
> somehow, somebody harvested that person's Juno address book.
> Are there other possibilities?
Do you know when the event took place? Is your friend a Texan? I got an invitation to join someone at LinkedIn around the first of August. That person had a Juno email address. However, LinkedIn was also hacked in June and passwords stolen.
I have not been in contact with the person for many years.
>Do you know when the event took place? Is your friend a Texan? I got an
>invitation to join someone at LinkedIn around the first of August. That
>person had a Juno email address. However, LinkedIn was also hacked in
>June and passwords stolen.
>I have not been in contact with the person for many years.
Pennsylvania, yesterday or today.
-- Pete Cresswell
> Per FromTheRafters:
>> webmail dohicky was compromised.
> Can anybody give examples of the mechanism for doing something
> like that?
> Does it involve hitting the person's PC or going at the Juno
> servers?
It could be as simple as correctly guessing the password (lucky guess or brute force) or even by attacking the security question in the 'forgot my password' dialog. Hacking servers isn't out of the question either.
There are also cases where the victim had a trojan keylogger and the account was compromised that way.
>It could be as simple as correctly guessing the password (lucky guess
>or brute force) or even by attacking the security question in the
>'forgot my password' dialog. Hacking servers isn't out of the question
>either.
>There are also cases where the victim had a trojan keylogger and the
>account was compromised that way.
Can anybody comment on the probability of zombification?
i.e. Could that PC have acquired malware that actually sent the
spams from the PC? Or is that too sophisticated for somebody
who is sending out such hokey spams?
> Per FromTheRafters:
>> It could be as simple as correctly guessing the password (lucky guess
>> or brute force) or even by attacking the security question in the
>> 'forgot my password' dialog. Hacking servers isn't out of the question
>> either.
>> There are also cases where the victim had a trojan keylogger and the
>> account was compromised that way.
> Can anybody comment on the probability of zombification?
> i.e. Could that PC have acquired malware that actually sent the
> spams from the PC? Or is that too sophisticated for somebody
> who is sending out such hokey spams?
I suppose that it is possible. I think it much more likely that there was a weak password.