ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > General Software Discussion

Chrome permits bad websites to send spam from one's email account???

<< < (2/3) > >>

cyberdiva:
Thanks, nudone and Jibz.  I tend to agree with you.  I can't imagine why she thinks it's a security hole in Chrome that is causing this, especially since there doesn't seem to have been any publicity about this rather serious problem.  And yes, I know several people who have had their hotmail accounts hacked.  But is hotmail the same as msn?  I hadn't thought so, though they're both Microsoft.  She's got an msn.com address.  Oh well, no reason that msn is any safer than hotmail.

Again, many thanks.  I figure if the folks at DonationCoder haven't heard about this supposed security hole, it probably doesn't exist.

NigelH:
Actually, I was hit by something similar via my Yahoo email account just a few weeks ago
I clicked on a link (in an email that I thought was valid) but did not verify the link first. Yeah , stupid I know.
It was an email from a friend and the subject matter appeared similar to what we'd been discussing recently.
I was signed into my email a/c at the time and the Javascript code on the site managed to access my Yahoo contacts and broadcast the same spam link to many of my contacts - including subscription list email addresses. Ticked me off no end.
I was using Opera 11.64 at the time and thought my Yahoo a/c had been hacked.
The IP sign-in logs in the Yahoo account had only my IP address - the last sign-in was the day before.

If anyone would like see the specific links, PM me.

Phishing target site at WOT:  http://www.mywot.com/en/scorecard/wa15news.net
Whois info : http://whois.domaintools.com/wa15news.net
This was one target site as well:  http://whois.domaintools.com/ca15news.net

Pity it was not caught by OpenDNS phishing checks.
Unfortunately, I also had Opera's Fraud and Malware Protection turned off (not any more though).



Jibz:
That is interesting .. just for clarity, were you looking at the e-mail where you clicked a link from within your yahoo account, or was it somewhere else? I hope it is not possible to access stuff like your address book from remote sites.

Deozaan:
Yeah I've heard of this security problem before. It's called PEBKAC. Unfortunately it is a vulnerability that exists with all browsers. :(

NigelH:
...were you looking at the e-mail where you clicked a link from within your yahoo account ...
-Jibz
--- End quote ---
Yes - did a right-click then open in background tab.

.. It's called PEBKAC ..
-Deozaan
--- End quote ---
I trust you enjoyed that.



Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version