In the past 10 days or so, at least 3 or 4 people that I know have had either Yahoo or Gmail accounts hijacked and used to send spam. Some are quite technical, others not so much.
This doesn't seem to be the old "facebook attack" as all but one use a different password for FB than their email accounts. I'm wondering if this is cookie-stealing (Firesheep) as at least 2 had recently used Starbucks or similar public wifi either a few hours or the day before. I'm looking for anecdotal evidence here. If you, or someone you personally know have had an email account hijacked for use for SPAM, I'd like to know about it. No forged email; only cases where the person's account itself was used to send the SPAM. No "friend of a friend of a friend", please. Here are the questions: 1. What email service was used? Yahoo, Hotmail, Gmail, ? 2. Was the password changed by the "hackers"? 3. Does your email provider *force*, *allow* or *not support* SSL for logins and/or the entire session? 4. If SSL is supported, do you use it? Only for logins, or for the entire session? 5. How do *you* think the account was compromised? 6. What social networking sites do you use? 7. Was the password on the compromised email account the same as any of the social networking sites? If so, which ones? 8. Do you use the same password as your email account at any other sites? Think also about sites that require logins for commenting, like Ars Technical, some Gawker sites, etc. Please send the answers to me ([email protected]) only, and I'll summarize. I'll collect answers until next Wednesday (12 Nov) evening, and then put out a summary. Thanks for your help! --tep _______________________________________________ Tech mailing list [email protected] http://lists.lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
