[freespace2] Security Update Of Your Account
Ryan C. Gordon
icculus at clutteredmind.org
Tue Dec 14 12:28:36 EST 2004
> I'll go figure out how the hell this got to the mailing list...
My guess is some virus-of-the-week sent an email to freespace2-subscribe
from a spoofed service at paypal.com address (since many viruses now pulled
the to and from addresses from a person's address book, many of which
are overzealous about collecting every address ever seen). The list
replies to service at paypal.com with a "please reply to confirm you want
to subscribe" email...and service at paypal.com replies with an automated
response, making the freespace list think it really confirmed the email.
This has actually happened before, so it's not so far-fetched.
Once the address was on the list, the spoofing email address from
service at paypal.com goes through without a fight.
Then again, service at paypal.com (the real one) didn't ever autorespond to
traffic on the list, so who knows. I unsubscribed the address.
--ryan.
More information about the freespace2
mailing list