On 2/23/2013 10:56 AM, Kevin A. McGrail wrote:
I am 100% certain that it is compromised accounts on yahoo where they steal the
address books. They then seem to cross correlate and use common last names to
mail people using other compromised yahoo accounts. Though I need to check if
they have started forging as well through other servers.
I have seen a lot of these examples and have specific patterns that make this
the only possibility.
Regards,
KAM
I've just confirmed that I received the single link Yahoo spam between me and
someone else where neither of us had the other in each others Yahoo address
book, so the only thing this had to do with Yahoo was that a third party Yahoo
account was used to send the spam. In fact the person who I supposedly got the
email from was a pretty recent contact of mine and we had pretty much only
communicated with each other via LinkedIn and Facebook.
I'm really starting to suspect that these spammers are scraping your public
posts on Facebook and grabbing the names of people that commented on those
posts, then using a Yahoo account and setting that name on the account before
sending the spam. The only issue is how do they find the legitimate email
addresses of the person to send the spam to. I wouldn't be at all surprised to
hear that this had something to do with a Facebook app people let have access to
their account info.
Steve
