This post is a follow-up, of sorts, to the previous "Twitter spam" and "Phishing" posts. In making the slide deck about Twitter spam I realized there were a few different variations of spam in general, especially within emails.
This post deals specifically with email and, more to the point, emails you receive from trusted sources that contain questionable material and links.
When a user gets hacked or compromised as a result of a phishing scheme, the people involved will use the user's contacts list to send out emails in hopes of getting more users to give up their usernames and passwords.
This scam is particularly effective since you get an email from someone you know and trust, so your guard is down. The idea is to lull you into a false sense of security that the content of the email is safe since it got sent from someone you know and you recognize both the name and email address.
Once you click the links and enter your password, you turn your account over to the hackers, who in turn send emails from your address to your contacts in an attempt to get even more users to give up their passwords.
A lot of email spam originates as "phishing" scams. These are emails designed to get the user to voluntarily offer up their username and password. These emails convince the recipient they need to provide details, or log in, to prevent something bad from happening. Once the user replies or logs in, the scammers have their password and can use the account to send out spam to the user's address book.
I created this quick tutorial for my colleagues to help them recognize and identify emails sent from compromised accounts:
We will never be immune from phishing scams and spam, and everyone will be compromised at one point or another (through their actions or those of others), but as GI Joe always said, knowing is half the battle...