Re: Web mail intercepted! How?
From: Micheal Espinola Jr (michealespinola_at_gmail.com)
Date: Fri, 5 Aug 2005 09:55:47 -0400 To: firstname.lastname@example.org
First, as a precautionary measure, change change passwords for all the
accounts related to logging on the originating system as well as
connecting to and logging into the web mail account.
Second, check for key loggers or other localized trojans on the system
that the email was posted from.
Third, analyze the connectivity between the originating system and the
web mail server for proxies or other intermediary systems that may be
eligible for compromise or abuse.
On 4 Aug 2005 03:56:31 -0000, email@example.com
> Someone at our company sent email using a free Web mail service from a workstation inside our network. The message was somehow intercepted by a third party, was forwarded to an unknown number of people, and found its way back to the sender...
> Needless to say, the sender is quite upset ...
> We don't know whether the Web mail account was compromised from the outside, or if someone is packet-sniffing or keylogging from inside the network.
> We're going to start looking tomorrow... any ideas on how to proceed?
-- ME2 <http://www.santeriasys.net/>