Juno Addressbook Harvested?

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Just got a call from somebody who uses Juno as their email
provider (yeah, I've tried to move them away from Juno in the
past... but they're not having any of it).

The situation is that people are receiving emails from that
person's Juno address and the people receiving the emails (on the
CC list) are all in that person's Juno address book.

Unencumbered by any real knowledge, I want to assume that
somehow, somebody harvested that person's Juno address book.

Are there other possibilities?
--
Pete Cresswell

Re: Juno Addressbook Harvested?

Per (PeteCresswell):
Quoted text here. Click to load it

FWIW, the body of the emails was:

Hi!
http://thamizharmaiyam.in/data/home.php?friend_id=jdjrosfaqjqumj

I haven't got the heart to click on it... so I have no clue what
it represents.
--
Pete Cresswell

Re: Juno Addressbook Harvested?

(PeteCresswell) explained on 10/12/2012 :
Quoted text here. Click to load it

Two redirects ending up on a work at home scam.



Re: Juno Addressbook Harvested?

(PeteCresswell) was thinking very hard :
Quoted text here. Click to load it

Sometimes one captured e-mail can provide scammers/spammers with what
almost amounts to an address book. However, my feeling is that the
webmail dohicky was compromised.



Re: Juno Addressbook Harvested?

Per FromTheRafters:
Quoted text here. Click to load it

Can anybody give examples of the mechanism for doing something
like that?

Does it involve hitting the person's PC or going at the Juno
servers?
--
Pete Cresswell

Re: Juno Addressbook Harvested?

It happens that (PeteCresswell) formulated :
Quoted text here. Click to load it

It could be as simple as correctly guessing the password (lucky guess
or brute force) or even by attacking the security question in the
'forgot my password' dialog. Hacking servers isn't out of the question
either.

There are also cases where the victim had a trojan keylogger and the
account was compromised that way.



Re: Juno Addressbook Harvested?

Per FromTheRafters:
Quoted text here. Click to load it

Can anybody comment on the probability of zombification?

i.e. Could that PC have acquired malware that actually sent the
spams from the PC?   Or is that too sophisticated for somebody
who is sending out such hokey spams?

--
Pete Cresswell

Re: Juno Addressbook Harvested?

(PeteCresswell) pretended :
Quoted text here. Click to load it

I suppose that it possible. I think it much more likely that there was
a weak password.



Re: Juno Addressbook Harvested?

(PeteCresswell) wrote:
Quoted text here. Click to load it

Do you know when the event took place? Is your friend a Texan? I got an
invitation to join someone at LinkedIn around the first of August. That
person had a Juno email address. However, LinkedIn was also hacked in
June and passwords stolen.

I have not been in contact with the person for many years.


Re: Juno Addressbook Harvested?

Per Betty:
Quoted text here. Click to load it

Pennsylvania, yesterday or today.
--
Pete Cresswell

Site Timeline