Re: Steady stream of probe email messages.

[Robert Wesley McGrew <wesley () mcgrewsecurity com>]

Are there similar messages arriving at nonexistent email addresses at
your company? Is the CEO's email address a common, simple format
name () example com?

Maybe respond to it with a link that appears to be something
deep/internal to the company, see if they'll take the bait and reveal
something about themselves. Even if they used a proxy you'd at least
know there was likely a human on the other end.

Wesley

Sent from my iPhone

On Jul 21, 2012, at 9:36 AM, David Kovar <dkovar () gmail com> wrote:

> Good evening,
>
> A mid-sized high tech client got a new CEO a few months ago. Since coming on board, he's received a steady stream of 
> probe email addresses from a wide variety of throw away email address. The addresses are most often Gmail accounts 
> with random letters for the name and for the address. The subject line and message body are often blank, but they 
> occasionally contain "Hello". There is no malicious payload. No other messages arrive from the same address to any 
> employee and the sender's address doesn't show up via any searches I've conducted.
>
> Any speculation on the purpose of these messages?
> Any ideas on how to trace them back to someone?
> Any ideas on how to stop them?
> Anyone else seeing this?
>
> -David
> _______________________________________________
> Pauldotcom mailing list
> Pauldotcom () mail pauldotcom com
> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
> Main Web Site: http://pauldotcom.com
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com