BLOG

First spam to Epsilon leaked address

May 30, 2011 by in Industry

This morning I received the first two spams to the address of mine that was compromised during the Epsilon compromise back in April. Actually, I received two of them. One was the “standard” Adobe phish email. The other was similar but referenced Limewire instead of Adobe.

Have you heard the big news? Limewire has shut down for good.

Want to know what other people are using as their alternative?

Find Out Here : http://www.phishingdomain.here.example.com

Our limewire alternative has been adopted by millions of limewire users around the globe.

Same great features, tons of files and it’s easy to use

Enjoy

Jimmy Choo
Limewire Insider

One of the very interesting things about this spam is that it came through an ESP. It looks like the customer of another ESP was compromised and their account used to send the spam.

Looks like the spam to the stolen Epsilon data has started.

3 comments

  1. Derek Harding says

    I’ve received a few now. So far they’ve all been sent to tagged addresses I gave to Chase. Many were sent via other compromised ESPs.

    May 31, 2011, 9:09 am
  2. laura says

    Chase seems to be the common thread here.

    Steve was notified of one of his addresses leaking and he’s not seen any spam to it. I suspect it’s a big enough group of addresses that the spammers are mailing them in chunks or importing them / cleaning them slowly.

    May 31, 2011, 9:30 am
  3. Pete Austin says

    Re: “One of the very interesting things about this spam is that it came through an ESP.”

    Obvious question, but do you have the full message headers? If no (for example if the email came via Exchange) you really can’t be sure it came from an ESP. Happy to help in the unlikely event that you need it.

    May 31, 2011, 10:31 am

Comment:

Your email address will not be published. Required fields are marked *

Marketing or spamming?End of quarter spam

  • AOL problems

    Lots of people are reporting ongoing (RTR:GE) messages from AOL today.  This indicates the AOL mail servers are having problems and can't accept mail. This has nothing to do with spam, filtering or malicious email. This is simply their servers aren't functioning as well as they should be and so AOL can't accept all the mail thrown at them. These types of blocks resolve themselves. 1 Comment

  • Fixing discussion lists to work with new Yahoo policy

    Al has some really good advice on how to fix discussion lists to work with the new Yahoo policy. One thing I would add is the suggestion to actually check dmarc records before assuming policy. This will not only mean you're not having to rewrite things that don't need to be rewritten, but it will also mean you won't be caught flat footed if (when?) other free mail providers start publishing p=reject.No Comments

  • Sendgrid's open letter to Gmail

    Paul Kincaid-Smith wrote an open letter to Gmail about their experiences with the Gmail FBL and how the data from Gmail helped Sendgrid find problem customers. I know a lot of folks are frustrated with Gmail not returning more than statistics, but there is a place for this type of feedback within a comprehensive compliance desk.No Comments

Archives