A malware expert has discovered a super spamming operation that has already hit a base of 711,5 million email addresses. By all indications, this could be the biggest operation of its kind.
The emails, which in some cases come with passwords, appear to have been put together with the intention of spreading malware for the purpose of obtaining banking information.
- How to create an HTML signature for email
- How to create a Gmail?
Those responsible for the scheme, when they only knew the email address, only sent spam messages to try to convince the user to release more information.
you need to see
- How to Avoid Being a Victim of Phishing Scam
- Difference between: virus, spam, spyware, worm, phishing, botnet, rootkit
Benkow says it's "very difficult to know where the information in the emails came from." However, he believes some of the stolen data may have come from previous leaks, a generation of Facebook phishing and hackers who traded personal information illegally.
The criminals, in some cases, still had details of the SMTP code and email servers. Such data could be used to evade the email provider's spam detection systems, causing messages to reach inboxes without being identified as spam.
"When a compromised account starts being used to send spam, this activity can only be stopped if the user suspends the account. But with this many accounts involved, the security departments of the email services are overwhelmed, leaving the slow process and allowing spam to continue being sent," says Richard Cox, former head of information for the Spamhaus project.
Benkow adds that the Onliner software was still hiding tiny, pixel-sized images in outgoing emails. This made the program able to collect information about the computers that received the malicious messages.
To find out if you were one of the victims of the email, just click here.
"If you've discovered that you're on the malware mailing list, I recommend that you change your password and pay more attention to the emails you receive," says Benkow.