On Apr 21, 2014, at 6:50 PM, Ben Parker <[log in to unmask]> wrote:
\This is a separate problem from the Yahoo.com DMARC problem, even though the
error is reported for attempted delivery to a *@yahoo.com address, or one of
the many other domains like sbcglobal.com, rogers.com, etc. that are actually
handled by Yahoo.

These are spam emails coming with 'Forged From:' addresses, so far all from:
[log in to unmask].  The Subject: lines are like "Hi! News" or "Fw: News" or
"Fw: Re:"  The email consists of 2-3 lines, in this format:

--------------
 Hi!
 News: http://(spam URL)  (NEVER Click on these!)

 [log in to unmask]
--------------

These are all spam.  But although the From: address says [log in to unmask], the
mail in fact did not come from aol.com servers. …

===snip===

These originated about a week ago. While AOL has not acknowledged it, I suspect this was a break-in to AOL’s servers rather than hacking individual accounts. And changing your AOL password doesn’t fix it. Usually the first message actually DOES come from AOL, then the followup messages come from other sources with @aol.com in the FROM field. The messages appear to go to the spoofed sender’s contact list, indicating that the perps really did access the AOL account. At least one of the messages I got I’m sure was not from a hacked account; the ostensible sender has been dead for 2 years.

A few people I know who were affected called AOL, and a couple of them received unofficial acknowledgement that AOL was working on fixing the problem and that it was not a simple case of a compromised email account. Forbes also had an article that mentioned AOL break-ins in February.

best regards,
Larry
hmssurprise.org site manager
--
Larry Finch
[log in to unmask]




To unsubscribe from the LSTOWN-L list, click the following link:
http://peach.ease.lsoft.com/scripts/wa-PEACH.exe?SUBED1=LSTOWN-L&A=1