Slashdot Mirror

← Back to Stories (view on slashdot.org)

Spammers Prefer Compromised Accounts To Botnets

Posted by CmdrTaco on from the i-prefer-pie-to-cake dept.

Orome1 writes "Spammers today favor compromised accounts for sending spam, gradually shifting distribution away from botnets, according to Commtouch. The changed tactic has emerged as spam levels dropped dramatically, following several high-profile botnet takedowns. Spammers are now using a combination of malware and phishing to compromise legitimate accounts and then using these accounts to send low-volume spam outbreaks."

9 of 53 comments (clear)

  1. I believe it. by Krojack · · Score: 2

    Even with the small amount if email accounts on my mail server (~6000) I'm having to deal with 1-2 of these compromised accounts a week on average. Most of the time they use squirrelmail to send out the spam.

    1. Re:I believe it. by tripleevenfall · · Score: 2

      It was funny to get an email from an ex girlfriend to whom I have not spoken in years advertising black market pharmaceutics, a subject with which she was intimately familiar...

  2. Re:gmail has a nice feature by Krojack · · Score: 2

    That's all find and dandy, and yes a lot of people have a cell phone these days, but there are still hundreds of millions without them and others that don't have this option on their email service.

  3. Taking advantage of trust by damn_registrars · · Score: 2

    They realize that a compromised account started as an active account, and thus is less likely to be blacklisted at a border. That, and as a legitimate account the payload is more likely to go through mail servers that are commonly whitelisted (or at least, not blacklisted).

    --
    Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
  4. That's because of reputation by jader3rd · · Score: 3, Insightful

    All of the major spam filters use reputation as a metric. And stealing reputation is easier than building it.

  5. iam borrowing this account by Konster · · Score: 2

    Can I interest anyone in a set of steak knives and viagra? www.steaknivesandviagra.com for best price, leading customer support and free shipping to you.

  6. Thank you, LulzSec by arcctgx · · Score: 2

    Thanks for releasing stolen passwords for 62000 email accounts. Spammers must be very happy now.

  7. Yup. by sootman · · Score: 2

    In the last year I've gotten spam from accounts belonging to nearly a dozen people I personally know--nearly a dozen hotmail, yahoo, and gmail accounts compromised. Including one of my own. Strong passwords, everyone! Letters, numbers, punctuation. Even something like "Help?1234" is infinitely* better than a dictionary word or common name. Grouping characters by type makes it easier to remember and makes it easier to work with on soft keyboards on mobile devices--letter letter letter letter, shift to "numbers and punctuation" mode, number number number number.

    My biggest problem now (not with spam, but with passwords in general) is financial institutions that restrict you to letters and numbers so you can punch them in on a phone keypad.

    * more or less

    --
    Dear Slashdot: next time you want to mess with the site, add a rich-text editor for comments.
  8. Re:gmail has a nice feature by danlock4 · · Score: 2

    If it were to drive you nuts, you would start the squirrelmail problem anew...

    --
    To .sig or not to .sig, that is the question.