I've run into this in my job and with a friend recently, but I'm not sure
exactly how the attack is done. Either the email is sent from the person's
email account itself, which appears to get hijacked temporarily and is then
sent to a number of contacts in the user's address book, or the attack is just
stealing the contact list and then sending the email with the sender being
spoofed. Either way it gets the recipients to trust what they are being sent
and more likely to open links.

Given the number of various web application vulnerabilities out there, either
is quite possible, but the common link in my experience seems to be Facebook
and its clueless users (my friend included). Having your webmail open and
authenticated while you're logged into Facebook and clicking on something
malicious is one way it could be done.

PJ

> Often, the originating email address is spoofed, so it is not actually
> coming from that user. In the 18 years I have had another email
> address, I have had that address used several times as the sending
> address for spam or malware, and it certainly is annoying! In any
> case, you will certainly know when your address is being misused in
> this fashion!