[nsp-sec] ping google/gmail
John Fraizer
john at op-sec.us
Fri Mar 7 13:49:21 EST 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
We started getting complaints for these (instead of being the targets) during the recent weeks in association with accounts that were spear-phished from our users. And
Squirrelmail is a common thing here too. Problem is that it OUR Squirrelmail platform. (And I have NOTHING to do with that decision!)
John
Ross, Jason wrote:
> ----------- nsp-security Confidential --------
>
>> -----Original Message-----
>> From: nsp-security-bounces at puck.nether.net [mailto:nsp-security-
>> bounces at puck.nether.net] On Behalf Of Brian Allen
>> Sent: Friday, March 07, 2008 12:45 PM
>> To: nsp-security at puck.nether.net
>> Subject: [nsp-sec] ping google/gmail
>>
>> It is being used as a drop for a hitman scam threat we are receiving.
>>
>
> Anyone got any thoughts on what's up with these?
> We started receiving notificiations about these to our abuse desk about
> 2 weeks ago, and they keep on coming.
>
> Obviously the intent is to harass and/or get someone to actually pay up
> (every one I've seen has had the same MO: "I've been hired to kill you
> but will give you a chance to prove you want to live if you can pay me
> more", so I guess what I'm really saying is, is there a common thread we
> can look for to stop it? (eg. All being sent via relays that happen to
> be squirrelmail, or something. I say that just because the ones I've
> seen appear to have been sent by exploiting a webmail interface of some
> kind.)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mandriva - http://enigmail.mozdev.org
iD8DBQFH0Y4x+16lRpJszIgRAoZeAJ9SyXtk3PAS5NUUkSyG5cfxDet4VgCfablU
ZI0BSSwhgmBJbxXFCVpI8IQ=
=NCfj
-----END PGP SIGNATURE-----
More information about the nsp-security
mailing list