Spamhuntress

419 spam getting through spam filters

Today I received yet one more 419 spams. I’ve noticed for a while that they seem to get through my spam filters. After the post I wrote yesterday about stolen passwords, I opened it and looked at the headers. Sure enough:

SquirrelMail authenticated user millerb1
I think this is one reason they’re using stolen passwords. In one case the spammer sent 171 mails with a lot of bcc’s from a server that doesn’t normally send spam. If they keep using fresh servers that way, they’re likely to get the spam through spam filters, unless the filters manage to filter based on the wording.

This entry was posted on Thursday, March 13th, 2008 at 10:48 am and is filed under Mail spam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

2 Responses to “419 spam getting through spam filters”

David Says:
June 9th, 2008 at 8:35 am
Nobody stole any password.

See this link.

http://www.squirrelmail.org/docs/user/user-3.html

And Good Luck.
admin Says:
June 9th, 2008 at 3:50 pm
It’s possible some of the spam I received had faked headers. I would have to check the headers again to make sure.

But what I do know, is that spammers do steal passwords. The case I quoted from was real. The password got stolen when the user typed his password on a compromised computer - a keylogger. I’m not kidding, I saw the evidence of the spam run first hand.

419 spam getting through spam filters

2 Responses to “419 spam getting through spam filters”

Leave a Reply