Internet and e-mail policy and practice
including Notes on Internet E-mail


2011
Months
Apr

Click the comments link on any story to see comments or add your own.


Subscribe to this blog


RSS feed


Home :: Email


21 Apr 2011

Insecure ESP du jour: Emailvision Email

Emailvision is a bulk mail company in the suburbs of Paris, France. They are, in my experience, almost uniquely inept. Nearly all of the mail they send to my users is clearly spam, sent to addresses on stolen, scraped, or resold lists, which is pretty impressive in France, a country where selling individuals' personal information is illegal.

But now, they're fake sending Acrobat malware spam, indicating that they have security problems, too, and criminals have access to their systems. The spam below came from their network 81.92.112.0/20. I have told them about it, but they show no evidence of doing anything about it, or even understanding what the problem is. ("We will tell our customer to review their lists.") Do not follow the links unless you want to infect your Windows machine with malware.

As I've noted before, at this point the only reasonable assumption is that any mail from ESPs is hostile, even from ESPs who, unlike Emailvision, have historically been well behaved.

Update: Emailvision wrote to me and claims that this was a one-off hack of a client, and their systems are secure. Given that in every other case of spam like this, first the bad guys broke into the ESP and stole a client list and then phished the clients, I find it much more likely that the same thing happened and Emailvision hasn't noticed yet.


Date: Thu, 21 Apr 2011 04:13:56 +0200 (CEST)
From: Adobe System Incorporated
Reply-To: Adobe System Incorporated
To: a user
Message-ID: <2100000000.48349.1303352036018@p4enginex2.emv2.com>
Subject: Download New Adobe Acrobat Reader Software For Windows and Mac

INTRODUCING UPGRADED ADOBE ACROBAT READER

Adobe is pleased to announce new version upgrades for Adobe Acrobat Reader.

http://www.adobe-acrobat10-software.com

Advanced features include:

- Collaborate across borders
- Create rich, polished PDF files from any application that prints
- Ensure visual fidelity
- Encrypt and share PDF files more securely
- Use the standard for document archival and exchange

To upgrade and enhance your work productivity today, go to:

http:///www.adobe-acrobat10-software.com

Start downloading the update right now and let us know what you think about it.

We're working on making Adobe Acrobat Reader better all the time !

Copyright 2011 Adobe Systems Incorporated. All rights reserved.
Adobe Systems Incorporated
343 Preston Street
Ottawa, ON K1S 1N4
Canada


posted at: 17:52 :: permanent link to this entry :: 1 comments
posted at: 17:52 ::
permanent link to this entry :: 1 comments

comments...        (Jump to the end to add your own comment)


All ESPs at this point should have outbound filters in place that are alerting them to any messages that are attempting to be sent with a similar signature.

This group is clearly on a rampage in the ESP world and I am beginning to suspect that the purpose is to actualy bring down the entire industry by way of ruined reputations.

(by Justin Coffey 22 Apr 2011 03:34)


Add your comment...

Note: all comments require an email address to send a confirmation to verify that it was posted by a person and not a spambot. The comment won't be visible until you click the link in the confirmation. Unless you check the box below, which almost nobody does, your email won't be displayed, and I won't use it for other purposes.

 
Name:
Email: you@wherever (required, for confirmation)
Title: (optional)
Comments:
Show my Email address
Save my Name and Email for next time

Topics


My other sites

Who is this guy?

Airline ticket info

Taughannock Networks

Other blogs

CAUCE
Criminal Abuse of Domain Names: Bulk Registration and Contact Information Access
87 days ago

A keen grasp of the obvious
My high security debit card
394 days ago

Related sites

Coalition Against Unsolicited Commercial E-mail

Network Abuse Clearinghouse



© 2005-2018 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.