I just got a spam email from "Alicia_Simmons@yahoo.com".
She says: "Your friend has prepared for you to meet up with another friend."
And pointed me to a URL: "http://mywaytodate.com/confirm/?oc=########"

Getting a spam like this isn't all that strange. I'm certainly used to getting emails like this.
But this one was a little different. And a bit concerning.

You see, when I looked behind the scenes at what email address this spam was sent to, it was sent to a special email alias that I had set up only for emails from United Airlines. I've gotten a number of newsletters from United since last November.

This means that the spammer behind this email very likely got this email address from United Airlines' server. And then the question becomes did they get other information from United Airlines besides just my special email address? And of course, how many other people's information did they get?

I immediately wrote to United Airlines, and included the raw version of the email, expressing my concern about the possible breach in security.

Then I traced where the email came from with ARIN Home Page and sent another email off to what is hopefully resposible administrators who can at least shut down the route that the spammer used to send out the email.

No comments: