Re: Web mail intercepted! How?

From: Micheal Espinola Jr (michealespinola_at_gmail.com)
Date: 08/05/05

  • Next message: Micheal Espinola Jr: "Re: Remote Management using Dial-up/Broadband"
    Date: Fri, 5 Aug 2005 09:55:47 -0400
    To: security-basics@securityfocus.com
    
    

    First, as a precautionary measure, change change passwords for all the
    accounts related to logging on the originating system as well as
    connecting to and logging into the web mail account.

    Second, check for key loggers or other localized trojans on the system
    that the email was posted from.

    Third, analyze the connectivity between the originating system and the
    web mail server for proxies or other intermediary systems that may be
    eligible for compromise or abuse.

    HTH

    On 4 Aug 2005 03:56:31 -0000, pagoda33@sbcglobal.net
    <pagoda33@sbcglobal.net> wrote:
    > Someone at our company sent email using a free Web mail service from a workstation inside our network. The message was somehow intercepted by a third party, was forwarded to an unknown number of people, and found its way back to the sender...
    >
    > Needless to say, the sender is quite upset ...
    >
    > We don't know whether the Web mail account was compromised from the outside, or if someone is packet-sniffing or keylogging from inside the network.
    >
    > We're going to start looking tomorrow... any ideas on how to proceed?
    >

    -- 
    ME2  <http://www.santeriasys.net/>
    

  • Next message: Micheal Espinola Jr: "Re: Remote Management using Dial-up/Broadband"