Spamhuntress

I’ve seen countless examples lately of mail sent from legitimate accounts via Squirrelmail. Do a search for “authenticated user” on news.admin.net-abuse.sightings and sort by date. You’ll see it’s become quite common.

I don’t know exactly what’s happening here, but I assume spammers have stolen passwords for legitimate accounts somehow.

I know of one case where the spammer changed the password of the account a while after the spamrun was complete.

If your established password stops working, do some due diligence after you get a new one issued.

The spammy mails were still in the Sent box in one account!

This entry was posted on Tuesday, March 11th, 2008 at 5:35 pm and is filed under Uncategorized, Mail spam, Admin issues. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.