Asian Spam Coming From Hijacked Webmail Accounts

Written by Sue Walsh on May 22, 2009

A new spam campaign appears to be coming from hijacked Yahoo, Hotmail, and Gmail accounts. The messages all advertise Chinese electronics and apparel retailers (and it’s a sure bet that the products they sell are counterfeits!) and look something like this:

          How are u doing these days?Yesterday I found a web of a large trading company from china,which is an agent of all the well-known digital product factories,and facing to both wholesalers,retailsalers,and personal customer all over the world. They export all kinds of digital products and offer most competitive and reasonable price and high quality goods for our clients,so i think we you make a big profit if we do business with them.And they promise they will provide the best after-sales-service.In my opinion we can make a trial order to test that.

A Washington Post columnist reported that a family member’s Yahoo account had indeed been hijacked by the scammers and used to send spam like the one above to everyone in his address book. The scammers also deleted the last 30 days of messages in his sent folder and tacked their spam on to his signature file. A virus scan turned up no infections, which suggests the hijack may have been the result of the user falling for a previous phishing attack, or perhaps even of a hacked server at each of the affected webmail providers.

The links in the spams all lead to recently set up domains, which could mean the scammers have set up fake storefronts designed to steal credit card numbers. I’ve gotten several of these spams lately, but none came from anyone I knew. If you discover your account has been compromised by this scam, change your password immediately, then send out an email to your customers and colleagues explaining the situation and apologizing.

To protect yourself, never respond to any email or instant message asking for your username, password, or other personal information, no matter how legit it may appear. If you think the request might be genuine, pick up the phone and call the company allegedly asking for the information. It’s worth the time it takes to protect both your accounts and your personal information!
