Newsletters
Customer Relationship Management News NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home CRM Systems Customer Service Business Intelligence Sales & Marketing More Topics...
Build Apps 5x Faster
For Half the Cost
Enterprise Cloud Computing

On Force.com
Network Security
24/7/365 Network Uptime!
Average Rating:
Rate this article:  
AOL Hack Drives Zombie Spam to Inboxes
AOL Hack Drives Zombie Spam to Inboxes

By Jennifer LeClaire
May 1, 2014 10:19AM

Bookmark and Share
It appears a member of the group known as the Com Spammers accessed information on a number of AOL accounts and started sending out high volumes of spam about two weeks ago. The zombie spam used the “from” address of the hacked AOL e-mail account and sent the spam to everyone in the victim’s address book, said analyst Andrew Conway.
 



Many early Internet users had AOL e-mail addresses at one time or another -- and some still have active accounts they rarely, if ever, use. Considering the rise of AOL-related zombie spam this week, it may be time to delete those old AOL e-mail accounts.

AOL on Monday admitted it’s investigating a security incident that involved “unauthorized access” to its networks and systems. In other words, the ISP was hacked. The company is working with forensic experts and federal authorities to investigate the incident and determine how cybercriminals were able to steal the personal information of its e-mail account holders.

“This information included AOL users' e-mail addresses, postal addresses, address book contact information, encrypted passwords and encrypted answers to security questions that we ask when a user resets his or her password, as well as certain employee information,” the company said in a statement. “We believe that spammers have used this contact information to send spoofed emails that appeared to come from roughly 2 percent of our e-mail accounts.”

Who’s Behind the Zombie Spam

We caught up with Andrew Conway, a research analyst at messaging protection firm Cloudmark, to get his take on the zombie spam fallout. He told us there are two or three different groups involved in monetizing the zombie spam. One group is known as Com Spammers.

“The Com Spammers currently have three forms of monetization -- diet pills, miracle skin cream, and a pernicious work from home scam that involves extracting larger and larger payments for training and services based on the promise of future riches,” Conway said.

“Similarly, if you order the diet pills, you will find yourself signed up for a monthly purchase on your credit card, which is very hard to cancel. We estimate that the revenue generated by this group is millions of dollars a year. They are spending $50,000 to a $100,000 a year in domain registrations alone,” he added.

it appears one of the Com Spammers accessed information on a number of AOL accounts and started sending out high volumes of spam about two weeks ago, Conway said. The zombie spam used the “from” address of the hacked account and sent the spam to everyone in the victim’s address book.

Where Does DMARC Fit In?

Conway explained that there are two standards that have long been available to allow senders to digitally sign an e-mail message -- and guarantee it was actually sent by the account holder. However, he added, there was no standard about what to do if the message was unsigned or if the signature was invalid until DMARC (Domain-based Message Authentication, Reporting and Conformance) came along in 2012. (continued...)

1  |  2  |  Next Page >

 

Tell Us What You Think
Comment:

Name:

Yohun:

Posted: 2014-05-01 @ 1:29pm PT
Aol still exists? wow!



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Network Security
1.   Juniper DDoS for High-IQ Networks
2.   Big DDoS Attacks Hit Record in 2014
3.   U.N.: Nations Hide Digital Snooping
4.   Can Google Stop Zero Day Flaws?
5.   Google Hacker Team to Hunt Bugs


advertisement
Android SMS Worm on the Loose
Malware lets bad actors cash in.
Average Rating:
Big DDoS Attacks Hit Record in 2014
Attackers often use NTP reflection.
Average Rating:
Can Google Stop Zero Day Flaws?
Security top priority for search giant.
Average Rating:
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Juniper DDoS Solution Aims at High-IQ Networks
In the face of more complex attacks, Juniper Networks is boosting its DDoS Secure solution to help companies mitigate the threats with more effective security intelligence throughout the network fabric.
 
Large-Volume DDoS Attacks Hit Record in 2014
The number of distributed denial-of-service (DDoS) attacks set a record in the first half of 2014, according to a report by Arbor Networks. The number of attacks over 20 GB/sec doubled.
 
U.N.: Nations Hide Rise in Private Digital Snooping
Governments on every continent are hiding an increasing reliance on private companies to snoop on citizens' digital lives, the U.N. human rights office says, with grave concerns about privacy.
 

Navigation
CRM Daily
Home/Top News | CRM Systems | Customer Service | Business Intelligence | Sales & Marketing | Contact Centers | Customer Data | CRM Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.