Lyons Digital Media, Home
This past week, we received an email abuse report from our data center. We always take these issues quite seriously and investigated the report. The spam emails were coming from our server. We were able to verify this by looking at the header information of the email messages, which clearly showed them passing through our customer's server even though the email account listed as the sender appeared to be bogus.
The messages were sent from an email address that had been compromised. An email account had been hacked by brute force and the spammers used the account to send mail under various aliases through the customer's server.
Following security procedures, we changed the password on the account to a new secure password, notified the customer of the issue, and monitored the mail flow to ensure that no more messages were being sent by the account.
We hear about, and see, email messages that appear to have been sent by customer accounts. You may even get emails from yourself that you know you did not send. When this happens, your email account is being spoofed.
Generally speaking, you can mark these messages as 'junk' because the junk filters in most email accounts will analyze the email account, not the alias. Unfortunately, we can't stop the spoofing, but you can use sender authentication to reject the incoming bounces.
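The two cases described above (mail that really passed through the server from a compromised account, and mail that only carries a spoofed sender address) can be told apart from the message headers. The Python below is an added example, not part of the original post. The IP addresses, host names, domain and sample messages are constructed, and it assumes the first Received header was written by the recipient's own mail server.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumed values for this example (documentation-range address, placeholder domain).
OUR_SERVER_IP = "203.0.113.25"
OUR_DOMAIN = "example.com"

def handoff_ip(msg):
    """IP the recipient's server logged for the host that connected to it.

    Received headers are prepended, so the first one is written by the
    recipient's server; anything below it can be forged by the sender.
    """
    received = msg.get_all("Received", [])
    match = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", received[0]) if received else None
    return match.group(1) if match else None

def classify(raw_message):
    msg = message_from_string(raw_message)
    from_domain = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    if handoff_ip(msg) == OUR_SERVER_IP:
        # Really left our server, whatever From claims (compromised-account case).
        return "sent-through-our-server"
    if from_domain == OUR_DOMAIN:
        # Our domain in From, but handed off by someone else's host.
        return "spoofed-from-address"
    return "unrelated"

# Constructed sample: bogus alias in From, but relayed by our server.
COMPROMISED = (
    "Received: from mail.example.com (mail.example.com [203.0.113.25])\n"
    "\tby mx.recipient.test with ESMTP; Mon, 1 Jan 2024 10:00:00 +0000\n"
    "Received: from [198.51.100.7] by mail.example.com with ESMTPA;\n"
    "\tMon, 1 Jan 2024 09:59:58 +0000\n"
    'From: "Billing Dept" <billing@bogus.test>\n'
    "Subject: Invoice\n\nSee attachment.\n"
)
# Constructed sample: our domain in From, handed off by an unrelated host.
SPOOFED = (
    "Received: from unknown (host.elsewhere.test [192.0.2.44])\n"
    "\tby mx.recipient.test with SMTP; Mon, 1 Jan 2024 11:00:00 +0000\n"
    "From: <you@example.com>\nTo: <you@example.com>\n"
    "Subject: Hello\n\nMessage body.\n"
)

if __name__ == "__main__":
    for name, raw in (("compromised", COMPROMISED), ("spoofed", SPOOFED)):
        print(name, "->", classify(raw))
```

A result of `sent-through-our-server` calls for the account lockdown described above; `spoofed-from-address` means no account on the server was involved in sending the message.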
What Can You Do?
Persons bent on malicious web activity have become more skilled and more determined. As a result, all end users of web services need to step up their game to secure their site and email. We strongly recommend the following:
- If your default email or website login account is generic-sounding (admin, administrator, info, sales, etc.), change it to something much less generic.
- Always use secure passwords for all your logins.
- Do not repeat the same password across different login accounts.
- Change your passwords often.
- Use a password vault program like 1Password to store your passwords, online identity information and more. These types of programs may also generate secure passwords for you.
- Review the email accounts you have set up in your account cPanel. Are there unused accounts that appear to have a lot of mail stored in them? Check them to see if they've been compromised.
- If an email account is unused, but needs to be kept for archival purposes, set up a forwarder so that all mail addressed to that account goes to you or another person in your organization. Once the forwarder is set up, delete the email account so that it isn't a target for malicious activity.
- Keep your software up to date, especially web programs like Joomla, WordPress, Drupal, etc. Subscribe to the security newsletters for the program you use so that you get notified whenever a security update is available.
- Don't use third-party toolbars in your web browser unless you are absolutely sure of the origin and quality of the company providing the toolbar. This is especially true if you use Internet Explorer. These add-on toolbars are often used as a quick and easy way to gain access to your computer.