'Out of office' messages turned into spam relays

Spammers have found a new trick that gets around many current antispam filters: abusing the "out of the office" auto-respond feature found in legitimate Webmail services (Compare antispam products).

Other stories on this topic
Phishing attack targets victims of U.K. gov't data loss 2/25/2008
Services are tapping people power to spot malware 2/21/2008
The war against malware 2/15/2008
Powered by Inform

Security firm McAfee has come across several instances of the trick, the company said this week.

Read the latest WhitePaper - The High-Availability Business: How a Simpler Network Can Meet the Demands of Business-Critical Applications

The spammer first signs up for a legitimate Webmail account, switching on its auto-respond feature, with the spam text in place of the "out of the office" message.

The spammer then bombards the account with messages that have "from" addresses spoofed so that they appear to come from the desired recipients. The automatic responses are then sent to the spoofed addresses.

The advantage of the system is that the spam all comes from legitimate Webmail accounts, with safeguards such as DKIM, DomainKey or Sender ID in place, meaning that the messages are able to get around many of the protections in place against more conventional spam techniques.

The spammers are likely to use automation techniques for creating the accounts and setting the responder text, meaning large numbers of accounts are likely to be at their disposal, according to McAfee.

The company is currently blocking auto-responder spam by analyzing header and message content.
Recent News:
· McColo takedown: Vigilantism or Neighborhood Watch?
· Spam drop could boost Trojan attacks
· Hosting firm shutdown forces botnets to relocate
· ISP cut off from Internet after security concerns
· Spam plummets after hosting service shuttered
Site Map | Recent News | Related Sites

Copyright © 2006 EmailSafety.net - All Rights Reserved.