Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Compromised email account?

From: Todd Haverkos <infosec () haverkos com>
Date: Wed, 09 Feb 2011 14:52:39 -0600
Jacob Bednarz <n.a.r.z.y () live com> writes:


Hi,
After awaking this morning, I found my inbox riddled with failed
delivery notices from my service provider. Wierd thing is I haven't
sent emails from the address in weeks.
Does this mean my inbox has been compromised? 


Not necessarily.  And, odds wise, probably not. 


If so, is there anything I can do to reclaim it and maintain it
without this issue occuring again?


Not really, unfortunately.  Antispam solutions may appropriately
filter those that are spam, though.  I'm not even sure if SPF is any
help here.

Attackers (or anyone) can spoof an email to be From: anyone they wish.
And, correspondingly, when such spoofed emails get sent to
non-existent receipients, the non-delivery notice goes back to you.

Spammers also know that this can be a way to get people to read an
email they might not otherwise read.  

--
Todd Haverkos, LPT MsCompE
http://haverkos.com/

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: