> On Jun 9, 2014, at 10:44 PM, "Stephen J. Turnbull" <[email protected]> wrote:
>
>
> spoofing of AOL addresses ballooned to about 5X the volume preceding
> the attack, and presumably all of the new spoof messages were targeted
> to acquaintences since the attackers are known to have obtained
> millions of AOL users' contact lists. Not only is that attack huge,
> one would suppose it's more effective than broadcast spam or phishing.
>
DMARC helped briefly, but spammers and phishers have already found ways to
defeat it. I have seen a surge in AOL-based phishing this week. They simply use
the AOL screen name in the comment in the FROM field with a non-AOL address. As
most mail clients don't display the actual email address the recipient doesn't
notice, and, as the email goes to the spoofed screen name's contact list, it
looks legitimate.
Best regards
Larry
--
Larry Finch
Sent by iPhone
------------------------------------------------------
Mailman-Users mailing list [email protected]
https://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
