Google accounts sending spam to contacts in address book

November 17, 2009

Anti-spamSpamSpam filterSpam filtering

Have you experienced that spam messages are sent from your address? I can guarantee you that you’re not alone. This happens to all of us. The reason is that the protocol used for sending e-mail, SMTP, is a fairly simple protocol designed in the very beginning of the internet’s history. Anyone may basically put any e-mail address in the From field when sending a message. Spammers use this a lot to make it appear like a friend or a colleague is sending you an important message.

What’s even worse and something that we’ve seen lately is that users get their Google account information stolen. The spammers use the stolen information to send spam through Google’s Gmail servers by authenticating using the stolen identity. But they don’t stop there. Since they have access to the Google account, they also use the contacts in the user’s address book as recipients of the spam which not only increases the chances of slipping through spam filters but also increases the chances of the spam being read. The spam message appears to come from an address that you probably trust. An improvement the spammers could do is to translate the spam messages professionally into the language of the recipient. However, this too costly, but may be necessary in the future since it gets more difficult to get through to the more conscious internet users nowadays.

If you suspect that your password has been stolen you should change it immediately and the new one should be hard to guess. You should also make sure you always use SSL connections in Gmail (you turn this on by clicking Settings and Set ‘Browser Connection’ to ‘Always use https’). Also make sure you don’t have any viruses or spyware on your computer.

In Gmail you can see your last account activity in order to see if anyone else logged in to your account. More info here.

Forum thread of users reporting spam being sent to their contacts.

HTMN2RJV79MC

address bookgmailgoogleidentity theftSpam

Gmail sign up is now available again and much more!

Finally! This day has come and we gladly inform you that you can sign up using your Gmail based email address again. Here you can see how it looks like when you sign up using Gmail address: As you can … Continue reading

Yahoo and AOL support

Hey everyone! We have amazing news. Recently we have released the latest versions of both Android and iOs mobile applications. With the latest update we have added support for Yahoo and AOL accounts. What does it mean, aren’t you supporting … Continue reading