Hello, a few days ago someone managed to abuse an account registration form on my personal website and a few dozens of random recipients at different domains (mostly at Yahoo) got registration confirmation emails from my address. The scale of the attack was not big, it was about 20-30 mails in total until I noticed it and secured the form to block the attack.
However I wonder - and here I'm looking for your opinion - what can be a possible gain for the attacker from such an attack? The form does not have any field to enter own information that could be passed to the recipient - just login, password and email - so all the recipient gets is a standard message saying that someone registered an account named XYZ on my website using their email address, and if they want to confirm it, they should click the link, otherwise do nothing and the registration will expire in 24 hours. How can anyone benefit from spamming people with such messages? -- Regards, Jaroslaw Rafa r...@rafa.eu.org -- "In a million years, when kids go to school, they're gonna know: once there was a Hushpuppy, and she lived with her daddy in the Bathtub." _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
