The passwords on these generally will be legit. It's a somewhat clever use of compromised account lists from one security breach or another. It certainly adds a sense of credibility to such spam to see your password in the subject line. I recently encountered one that tried a lot harder than previous examples, but in doing so made it an even more obvious scam, because it tried to tell me I was compromised via my Cisco router, when I don't have a Cisco router.
Mike Mike Hillyer Email Infrastructure Specialist email: [email protected] phone: 443-472-7226 twitter: @mikehillyer -----Original Message----- From: mailop <[email protected]> On Behalf Of Tobi Sent: Thursday, November 15, 2018 12:12 PM To: mailop <[email protected]> Subject: [mailop] Lot of bitcoin spam now from outlook.com servers?! Hi For the last couple of days we see a remarkable increase in bitcoin (gotcha-watching-porn-scam) coming from legit outlook.com servers. The subject mentions a username and a password. From what I see the PW could be legit, at least they're not '1234' or 'password' Anyone else seeing such an increase in this crap coming from outlook.com servers? Cheers tobi _______________________________________________ mailop mailing list [email protected] https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop _______________________________________________ mailop mailing list [email protected] https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
