<html>
<head>
<style><!--
.hmmessage P
{
margin:0px;
padding:0px
}
body.hmmessage
{
font-size: 10pt;
font-family:Tahoma
}
--></style>
</head>
<body class='hmmessage'><div dir='ltr'>
This happened to one of our employees at my company. They got about 60,000 replies overnight. It was a mess to clean up let me tell you!<br><br><div>> Date: Wed, 27 Jul 2011 12:27:58 -0400<br>> From: topher@codeventure.net<br>> To: grlug@grlug.org<br>> Subject: Re: [GRLUG] hacked<br>> <br>> On Wed, 27 Jul 2011, Jeff DeFouw wrote:<br>> <br>> > On Wed, Jul 27, 2011 at 10:37:41AM -0400, Casey DuBois wrote:<br>> >> Hey Guys,<br>> >><br>> >> My Yahoo seems to have been hacked by a spambot.<br>> >><br>> >> It looks to have started at 7:40 and I got the first copy from myself<br>> >> at around 7:43.<br>> >> From what I can see it started hitting some heavy bounce/returns about<br>> >> that time and may have stopped or got blocked.<br>> >> I was able to change my password by 8ish but it looks like the damage<br>> >> had been done.<br>> ><br>> > It's common for spammers to forge a real person or company e-mail<br>> > address to send out spam. Access to your account is not required. Did<br>> > you look at the bounce headers to see if the outgoing mail went through<br>> > Yahoo?<br>> <br>> It's called a Joe Job, it's VERY common.<br>> <br>> http://en.wikipedia.org/wiki/Joe_job<br>> <br>> It's amazingly easy for anyone to do.<br>> <br>> -- <br>> This message has been scanned for viruses and<br>> dangerous content by MailScanner, and is<br>> believed to be clean.<br>> <br>> _______________________________________________<br>> grlug mailing list<br>> grlug@grlug.org<br>> http://shinobu.grlug.org/cgi-bin/mailman/listinfo/grlug<br></div> </div><br />--
<br />This message has been scanned for viruses and
<br />dangerous content by
<a href="http://www.mailscanner.info/"><b>MailScanner</b></a>, and is
<br />believed to be clean.
</body>
</html>