On 2016-05-24 15:17, Jay Hennigan wrote:
On 5/24/16 12:26 PM, Michael Wise wrote:
We're still seeing cases where a malicious actor, typically in
Eastern Europe, will try and sign up a target email address for
thousands of lists all at once, flooding their mailbox with
confirmation traffic , perhaps to hide some other nefarious issues.
I wonder what the point is. How does the bad guy monetize it, or is it
a coordinated attack against a specific victim? What other nefarious
issues? Making the address useless or burying some other mail in the
midst of the junk would seem to be a possibility.
If an attack against a specific victim, it would seem that unconfirmed
marketing lists would be a more effective weapon than a bunch of
random confirmation messages.
I could see this type of attack being useful when the bad actor desires
to suppress a legitimate message. For example, if I were to spoof a
message from the finance director to a subordinate to send corporate
financial information out to a third party, I might want to disrupt the
finance director's email temporarily to ensure that the subordinate's
attempt to confirm the request is not seen.
I might do so again after compromising the corporate bank account so
that wire transfer confirmations are not seen and acted upon in a timely
fashion.
--
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren
_______________________________________________
mailop mailing list
mailop@mailop.org
https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
