[unisog] Nigerian scam via squirrelmail

Mike Patterson mpatters at ist.uwaterloo.ca
Mon Oct 26 20:12:49 GMT 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 25/10/09 10:42 PM, Mark Montague wrote:
> We have a variety of monitoring tools in place to help us detect the  
> type of activity the spammers engage in with stolen usernames and  
> passwords, and we disable most of those accounts not long after the  
> spammer starts abusing them.

Our experience has been the same; this has been an issue for us on both
Horde and Squirrelmail (long story) installations since at least April
2008.  At one point I think we had a few hundred compromised accounts,
but our tools for automatically shutting such down have improved.  :P

Mike

- -- 
Never test for an error condition you don't know how to handle.
- - Steinbach
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkrmAsEACgkQrqw9H9F0mCQD9gCgmLDcLMjq76afBtjlECUy60ds
IDMAnjLxMFkQBILyRG0eWsy783wsMdAE
=sjym
-----END PGP SIGNATURE-----


More information about the unisog mailing list