[Outages-discussion] LinkedIn spam, was: Virendra, please...

jrk1231-outml at nym.hush.com jrk1231-outml at nym.hush.com
Sun Aug 3 19:49:03 EDT 2014


Actually, you don't have to give them access to your email account. 
If you have gmail, hotmail, or other similar webmail services,
and are logged into your email while in LinkedIn, they can harvest
your contact list as if you were accessing it yourself.
If you are using a smartphone, then all they have to do is read your
address book to get the required information. In iOS 7.x, it is
blatantly obvious that is what is occurring, because if you install
the LinkedIn app, iOS asks you if you want to allow the app access to
your contacts.
For corporate email using Exchange, they can use the MAPI interface to
harvest your contacts.
For other mail servers, I'm sure they have their ways of getting your
contacts as well.
BTW, a lot of spam malware works the same way...
JK

On Aug 3, 2014, at 17:30 , Jay Hennigan  wrote:
On 8/2/14, 4:59 AM, jrk1231-outml at nym.hush.com wrote:
Actually, this could also happen by accident, too.

It is my understanding (as told to me by LinkedIn support) that when you
join LinkedIn, you give them permission to harvest your contacts and
send requests to every contact that is not currently a member of
LinkedIn as known by the email address for that person in your contact
list. (Did you bother to read your ToS?) 

Of course, for them to pull this off you also need to give them the
login credentials to your email account. These sites are rather sneaky
about the wording in the page that requests this, something like "invite
your contacts to join", and they typically forge the from address on the
invitations to appear as if you emailed your contacts directly.

I wonder how DMARC affects this stunt. The social media "spam your
contacts" script has probably morphed to modify the From address on
domains using DMARC to work around this.

By the way, it has been my experience that they attempt multiple spams
over several weeks once they harvest an address list.

--
Jay Hennigan - CCIE #7880 - Network Engineering - jay at impulse.net
Impulse Internet Service  -  http://www.impulse.net/
Your local telephone and internet company - 805 884-6323 - WB6RDV
_______________________________________________
Outages-discussion mailing list
Outages-discussion at outages.org
https://puck.nether.net/mailman/listinfo/outages-discussion