Opinion

E-mail address lists – legitimate service or spammer support?

Today you can buy a CD containing 4.6 million UK e-mail addresses, plus software capable of e-mailing 30,000 e-mails per hour. And all for the bargain price of £29.95 – money to be sent to a PO box in London.

This reminds me of attempts in 1992 to sell collections of viruses [for research purposes, of course]. These included John Buchanan [aka aRiStOtLe] in the US and ‘The Virus Clinic’ in the UK. The latter was closed down in a raid by New Scotland Yard’s Computer Crime Unit. It will be interesting to see what the fate of this e-mail seller will be.

Of course, the sale of databases containing e-mail addresses isn’t new and there are lots of legitimate sources for such data. However, they’re not usually available for such a bargain price. They’re not normally available through the anonymity of a PO box either. Both of which raise concerns about the source of this data and its possible use in generating yet more spam.

E-mail address lists – legitimate service or spammer support?

Your email address will not be published.

 

Reports

Kimsuky’s GoldDragon cluster and its C2 operations

Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related entities. In early 2022, we observed this group was attacking the media and a think-tank in South Korea.

Andariel deploys DTrack and Maui ransomware

Earlier, the CISA published an alert related to a Stairwell report, “Maui Ransomware.” Our data should openly help solidify the attribution of the Maui ransomware incident to the Korean-speaking APT Andariel, also known as Silent Chollima and Stonefly.

Subscribe to our weekly e-mails

The hottest research right in your inbox