Many early Internet users had AOL e-mail addresses at one time or another -- and some still have active accounts they rarely, if ever, use. Considering the rise of AOL-related zombie spam this week, it may be time to delete those old AOL e-mail accounts.
AOL on Monday admitted it’s investigating a security incident that involved “unauthorized access” to its networks and systems. In other words, the ISP was hacked. The company is working with forensic experts and federal authorities to investigate the incident and determine how cybercriminals were able to steal the personal information of its e-mail account holders.
“This information included AOL users' e-mail addresses, postal addresses, address book contact information, encrypted passwords and encrypted answers to security questions that we ask when a user resets his or her password, as well as certain employee information,” the company said in a statement. “We believe that spammers have used this contact information to send spoofed emails that appeared to come from roughly 2 percent of our e-mail accounts.”
Who’s Behind the Zombie Spam
We caught up with Andrew Conway, a research analyst at messaging protection firm Cloudmark, to get his take on the zombie spam fallout. He told us there are two or three different groups involved in monetizing the zombie spam. One group is known as Com Spammers.
“The Com Spammers currently have three forms of monetization -- diet pills, miracle skin cream, and a pernicious work from home scam that involves extracting larger and larger payments for training and services based on the promise of future riches,” Conway said.
“Similarly, if you order the diet pills, you will find yourself signed up for a monthly purchase on your credit card, which is very hard to cancel. We estimate that the revenue generated by this group is millions of dollars a year. They are spending $50,000 to a $100,000 a year in domain registrations alone,” he added.
it appears one of the Com Spammers accessed information on a number of AOL accounts and started sending out high volumes of spam about two weeks ago, Conway said. The zombie spam used the “from” address of the hacked account and sent the spam to everyone in the victim’s address book.
Where Does DMARC Fit In?
Conway explained that there are two standards that have long been available to allow senders to digitally sign an e-mail message -- and guarantee it was actually sent by the account holder. However, he added, there was no standard about what to do if the message was unsigned or if the signature was invalid until DMARC (Domain-based Message Authentication, Reporting and Conformance) came along in 2012. (continued...)
Posted: 2014-05-01 @ 1:29pm PT
Aol still exists? wow!