Security Basics mailing list archives

RE: Domain HiJacking by SPAMMERS

From: "David Gillett" <gillettdavid () fhda edu>
Date: Thu, 29 Jan 2004 11:09:18 -0800

  This has happened to my personal domain 4-6 times in the 
last two years -- twice since Christmas.  It generally peters 
out within 4-6 days.
  In theory, one might have a civil claim against the spammers,
but actually identifying them, suing them, and collecting any
award could be problematic.  (It's rather annoying that these
NDRs only seem to include real headers of the rejected message 
about half the time....)
  If your client is motivated to invest ing nailing these guys,
more power to them.

David Gillett

-----Original Message-----
From: saliskor () cyberus ca [mailto:saliskor () cyberus ca]
Sent: Thursday, January 29, 2004 7:45 AM
To: security-basics () securityfocus com
Subject: Domain HiJacking by SPAMMERS

A client of mine has been having serious difficulties with 
SPAMMERS using their domain name as a return address for 
sending spam. The Names are ficticious, of course, and only a 
inconvenience due to the NDRs being returned through the mail system.

The most serious problem is that the subject of the SPAM 
could cause a major public relations problem for the company, 
since it is mostly online-drug sales and private enhancements 
being marketed. 

A thorough check of the mail system and tracing of the 
original spam messages confirm that the company's systems are 
not being used as relays. Most the the messages originate in 
the Far/Middle east or Europe.

Any suggestions as to what can be done, or how to handle such 
a situation would definitely be appreciated.

Rick

--------------------------------------------------------------
-------------
Ethical Hacking at InfoSec Institute. Mention this ad and get 
$720 off any 
course! All of our class sizes are guaranteed to be 10 
students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, 
Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to 
get $720 off 
any course!  
--------------------------------------------------------------
--------------


---------------------------------------------------------------------------
Ethical Hacking at InfoSec Institute. Mention this ad and get $720 off any 
course! All of our class sizes are guaranteed to be 10 students or less. 
We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion Prevention, 
and many other technical hands on courses. 
Visit us at http://www.infosecinstitute.com/securityfocus to get $720 off 
any course!  
----------------------------------------------------------------------------

Current thread:

Domain HiJacking by SPAMMERS saliskor (Jan 29)
- Re: Domain HiJacking by SPAMMERS Lars Johannesen (Jan 29)
- Re: Domain HiJacking by SPAMMERS Ho Chaw Ming (Jan 29)
  - Re: Domain HiJacking by SPAMMERS sil (Jan 30)
  - Re: Domain HiJacking by SPAMMERS Alejandro Flores (Jan 30)
    - Re: Domain HiJacking by SPAMMERS Ho Chaw Ming (Jan 30)
- RE: Domain HiJacking by SPAMMERS David Gillett (Jan 29)
- Re: Domain HiJacking by SPAMMERS Bryan S. Sampsel (Jan 30)
  - Re: Domain HiJacking by SPAMMERS Jude Naidoo (Jan 30)
    - Re: Domain HiJacking by SPAMMERS Ho Chaw Ming (Jan 30)
    - Re: Domain HiJacking by SPAMMERS Ed Weinberg (Jan 30)
- Re: Domain HiJacking by SPAMMERS Michele Orsenigo (Jan 30)
- <Possible follow-ups>
- RE: Domain HiJacking by SPAMMERS Shawn Jackson (Jan 30)
- RE: Domain HiJacking by SPAMMERS Bruyere, Michel (Jan 30)
- Re: Domain HiJacking by SPAMMERS Matt Atkins (Jan 30)
  - Re: Domain HiJacking by SPAMMERS Ho Chaw Ming (Jan 30)