Someone pretty senior at VeriSign/Symantec tells me: "Yes, the email is legit and was sent from VeriSign/Symantec. We used the responsys email service to sent the email out and this email was developed prior to the news of the recent breach."
I have been doing contract writing for VeriSign for some time (although a new job I just got will put an end to this relationship). They're really swell people and I'm sure they're telling the truth and would never themselves get breached in this way. LJS On Wed, Sep 7, 2011 at 2:45 PM, Rob, grandpa of Ryan, Trevor, Devon & Hannah <[email protected]> wrote: > I got spam from Verisign today. > > I was all set to just send out a message noting the fact, and sarcastically > wondering > why it was that Verisign was suddenly (I can't recall getting any spam from > them > before, although lots of junk mail) eager to offer me 20% off SSL > certificates. > The headers on the spam seemed to show an origin at Verisign. > > But then, some of the URLs in the body of the message didn't. They were > coming > from a rsys1.net domain. Owned by: > RESPONSYS Inc. [email protected] > 900 Cherry Avenue, 5th Floor, San Bruno, CA 94066 US > 650-745-1700 fax: 650-745-1701 > > responsys.com appears to be your common-or-garden "email marketing" > (commercial spam) firm, and Verisign/Symantec may, very well, be trying to > cash > in on the Diginotar debacle as quickly as possible. But it may be equally > possible > that someone else is trying to take quick advantage of the situation. Does > anyone > have any more detailed information on them? > > ====================== (quote inserted randomly by Pegasus Mailer) > [email protected] [email protected] [email protected] > A billion here, a billion there, pretty soon it adds up to real > money. - Senator Everett Dirksen (1896-1969) > victoria.tc.ca/techrev/rms.htm http://www.infosecbc.org/links > http://blogs.securiteam.com/index.php/archives/author/p1/ > http://twitter.com/rslade > _______________________________________________ > Fun and Misc security discussion for OT posts. > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec > Note: funsec is a public and open mailing list. >
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
