[funsec] Spam from people I know

Rich Kulawiec rsk at gsp.org
Mon Oct 11 20:09:13 CDT 2010

Given the number of malicious web sites that con users into surrendering
their address books (quite often so that they can forge spam in their
name) and the number of compromised accounts (particularly at freemail
providers) and the number of compromised end-user systems...this isn't
particularly surprising.  What's mildly surprising is that it's taken
this long for spammers to really start exploiting the tactic.  But we
can expect them to increasingly exploit the social graph, so frankly
it doesn't really matter which malware is responsible or what anyone
does about it: there will be new malware tomorrow which facilitates
the same thing.


More information about the funsec mailing list