Spam Question

One of my customers has started to receive "gibberish" spam to her email account. Some things of note:

-- She is extremely protective of this account as it's her "trusted" email account she uses only to personal recipients.

-- She is almost as paranoid as me (which is very paranoid) about security. She even poop-cans attachments from me unless I tell her beforehand that I'm sending an attachment--and we've been corresponding since 1989!

-- The incoming spam has a sender's address of her own email account.

Okay, I've been at this game (email, security, etc.) for more years than I care to admit but I'm missing something. "Gibberish" spam that attempts to sell nothing?

Aside from that, the more interesting question is how might her address have gotten out? I'm speculating three ways:

1. Her machine is compromised (which we've pretty well ruled out through various scans)

2. She sent an email to a "trusted" recipient who's machine has been compromised and an Evil Spammer boosted her address and, of course, others.

3. A trusted recipient forwarded an email with her address in it and that person's machine was compromised, yada yada yada.

Anyone have any other speculative possibilities? Anyone seen this behaviour before (spam sent to you from your own address)?

Thanks

Charles
 
It is actually pretty random crap, I have been seeing it as well, it is many lines of just random ASCII symbols.

I was reading today of a new virus/trojan doing this, and it changing daily (auto updating) to evade AntiVirus, but tihs sounds almost unreal to me.
 
It's the pointlessness of it that boggles the mind.

Would you agree, however, that the most likely culprit (ruling out her own machine) is that one of her recipients has a compromised box?

What's the link, btw, to the trojan you were reading about (if it's semi-handy; don't waste time hunting around for it if it isn't).

Thanks again.
 
Back
Top