Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Are you sure they actually logged in to your account to send spam (are the spam emails visible in your sent folder), or could it be that someone is just spoofing the SMTP MAIL FROM / email From: header?


As far as I can tell it wasn't someone spoofing my email address. Emails were sent to people on my contact list and the numerous bounce messages to contacts that no longer had valid email addresses confirmed the origin of the traffic.


It's possible that a contact of yours was compromised, and that contact had many contacts in common with you. And then they spoofed your address.


That's a good theory but in my case the sets of common contacts would be almost nil for that account.


I had the same issue, I could see the email sent from sent folder. This happened about year ago and I was very surprised.


Given Yahoo's security policies, whose to say someone wasn't just sending it from Yahoo's SMTP servers without any access to user's email accounts?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: