http://www.techworld.com/security/news/index.cfm?newsID=11544
By Matthew Broersma
Techworld
26 February 2008

Spammers have found a new trick that gets around many current anti-spam
filters: abusing the "out of the office" auto-respond feature found in
legitimate webmail services.

Security firm McAfee has come across several instances of the trick, the
company said this week.

The spammer first signs up for a legitimate webmail account, switching
on its auto-respond feature, with the spam text in place of the "out of
the office" message.

The spammer then bombards the account with messages that have "from"
addresses spoofed so that they appear to come from the desired
recipients. The automatic responses are then sent to the spoofed
addresses.

The advantage of the system is that the spam all comes from legitimate
webmail accounts, with safeguards such as DKIM, DomainKeys or Sender ID
in place, meaning that the messages are able to get around many of the
protections in place against more conventional spam techniques.

The spammers are likely to use automation techniques for creating the
accounts and setting the responder text, meaning large numbers of
accounts are likely to be at their disposal, according to McAfee.

The company is currently blocking auto-responder spam by analysing
header and message content.
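
The abuse described above depends on the responder answering the spoofed "from" address. As an added example (not McAfee's method and not code from the article), here is a responder-side gate following RFC 3834 guidance. It assumes the provider's own MTA writes the Authentication-Results header and strips any inbound copies; the function names, reason strings and sample messages are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

def domain(addr):
    return addr.rpartition("@")[2].lower()

def should_auto_reply(raw, replied):
    """Decide whether a vacation responder may answer; returns (bool, reason)."""
    msg = message_from_string(raw)
    # RFC 3834: never answer mail that is itself automated or bulk.
    if (msg.get("Auto-Submitted") or "no").strip().lower() != "no":
        return False, "auto-submitted"
    if (msg.get("Precedence") or "").strip().lower() in {"bulk", "junk", "list"}:
        return False, "bulk-precedence"
    # Reply to the envelope sender (Return-Path), never to the header From.
    target = parseaddr(msg.get("Return-Path", ""))[1].lower()
    if not target:
        return False, "null-return-path"
    # Assumption: this header was added by our own boundary MTA.
    results = " ".join(msg.get_all("Authentication-Results") or [])
    if not re.search(r"\b(spf|dkim)=pass\b", results, re.I):
        return False, "unauthenticated-sender"
    # A From domain that differs from the authenticated envelope domain is
    # the spoofing pattern from the article. This is deliberately strict:
    # losing an out-of-office reply is cheap, relaying spam is not.
    if domain(parseaddr(msg.get("From", ""))[1]) != domain(target):
        return False, "from-envelope-mismatch"
    # RFC 3834: do not answer the same sender repeatedly.
    if target in replied:
        return False, "rate-limited"
    replied.add(target)
    return True, "ok"

def sample(from_, return_path, auth, extra=""):
    """Build a constructed test message; all addresses are placeholders."""
    return (f"Return-Path: <{return_path}>\n"
            f"Authentication-Results: mx.webmail.example; {auth}\n"
            f"From: {from_}\nTo: away@webmail.example\nSubject: hi\n"
            f"{extra}\nbody\n")

if __name__ == "__main__":
    seen = set()
    spoofed = sample("target@victim.example", "bulk@sender.example",
                     "spf=pass smtp.mailfrom=sender.example")
    print(should_auto_reply(spoofed, seen))
```
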