Click the comments link on any story to see comments or add your own.
Subscribe to this blog
21 Apr 2011
Emailvision is a bulk mail company in the suburbs of Paris, France. They are, in my experience, almost uniquely inept. Nearly all of the mail they send to my users is clearly spam, sent to addresses on stolen, scraped, or resold lists, which is pretty impressive in France, a country where selling individuals' personal information is illegal.
But now, they're fake sending Acrobat malware spam, indicating that they have security problems, too, and criminals have access to their systems. The spam below came from their network 126.96.36.199/20. I have told them about it, but they show no evidence of doing anything about it, or even understanding what the problem is. ("We will tell our customer to review their lists.") Do not follow the links unless you want to infect your Windows machine with malware.
As I've noted before, at this point the only reasonable assumption is that any mail from ESPs is hostile, even from ESPs who, unlike Emailvision, have historically been well behaved.
Update: Emailvision wrote to me and claims that this was a one-off hack of a client, and their systems are secure. Given that in every other case of spam like this, first the bad guys broke into the ESP and stole a client list and then phished the clients, I find it much more likely that the same thing happened and Emailvision hasn't noticed yet.
My other sites
© 2005-2020 John R. Levine.
CAN SPAM address harvesting notice: the operator of this website will not give, sell, or otherwise transfer addresses maintained by this website to any other party for the purposes of initiating, or enabling others to initiate, electronic mail messages.