[outages] Crazy amts of spoofing?

Bill Wichers billw at waveform.net
Fri Apr 4 17:23:55 EDT 2014 

While not spoofing specifically, we've been seeing abnormally high amounts of general nefarious network activity this year. It was especially bad during the height of the ntp ddos problem in January/February but still seems higher than it was last year.

Sent from my iPhone

On Apr 4, 2014, at 5:22 PM, "Eric Henson" <ehenson at pfsweb.com<mailto:ehenson at pfsweb.com>> wrote:

I’ve seen this—sporadically—for a year now probably, although my users started reporting it in March (or maybe February 25th).

--
ERIC HENSON
Solutions Architect for Systems Organization
PFSweb  |  www.pfsweb.com<http://www.pfsweb.com/>
p:  972.881.2900  x3104
m: 972.948.3424

From: Outages [mailto:outages-bounces at outages.org] On Behalf Of Tony Patti
Sent: Friday, April 04, 2014 4:02 PM
To: 'Neil Ticktin'; 'outages'
Subject: Re: [outages] Crazy amts of spoofing?

I’ve seen (work, family, friends) an increased amount of spoofing since February 25.

The first two emails I looked at that day were sent thru email servers in UK and France.

Tony Patti
CIO
S. Walter Packaging Corp.

From: Outages [mailto:outages-bounces at outages.org] On Behalf Of Neil Ticktin
Sent: Friday, April 04, 2014 4:17 PM
To: outages
Subject: [outages] Crazy amts of spoofing?

Anyone seeing crazy amounts of spoofing that are going out to what looks like address book entries?

In other words, not from your client, not from your server, but spoofing an email address that's yours, and going to recipients that look like your address book (e.g., grouped by last name and to people you know).

I don't want to point fingers, and I have no evidence of this in any way, but it almost looks like a social network site, that may have access to address book entries, got hit -- and someone is spoofing big time.

The other option would be a Mac virus hitting address book entries.

Anyone seeing anything this?

Neil

------------------------
This email was scanned by BitDefender.

------------------------
This email was scanned by BitDefender.
_______________________________________________
Outages mailing list
Outages at outages.org<mailto:Outages at outages.org>
https://puck.nether.net/mailman/listinfo/outages
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/outages/attachments/20140404/688133d7/attachment.htm>

More information about the Outages mailing list