TobyInkster.co.uk
Blog for Sunday, 27th January 2008
27/01/2008: Social Spam
I’ve recently started receiving the occasional piece of junk mail from friends and colleages who have e-mail accounts at some of the larger webmail services (Hotmail, GMail, etc). The messages genuinely seem to come from their accounts, with proper message headers indicating that they were really sent via the webmail service, and sent to everyone in their address books.
This has been noted before and is apparently becoming more common:
- taint.org: Spambots stealing GMail and Hotmail passwords?
- Tiffehr: Gmail account hacked, apologies to all
- SVU’s blog: Google, WTF?
- Google Groups: GMail ABCs: Spam Email sent from my gmail, to my contact list
How does this happen? Best guess on what I’ve read so far seems to be that people have “voluntarily given away their account login…