You're probably thinking of it from the position of spamming people. It's probably just some automated tool searching for ways to attack various websites using guessed or stolen credentials.
-A On Thu, Mar 27, 2025 at 2:06 PM Jaroslaw Rafa via mailop <[email protected]> wrote: > Hello, > a few days ago someone managed to abuse an account registration form on my > personal website and a few dozens of random recipients at different domains > (mostly at Yahoo) got registration confirmation emails from my address. The > scale of the attack was not big, it was about 20-30 mails in total until I > noticed it and secured the form to block the attack. > > However I wonder - and here I'm looking for your opinion - what can be a > possible gain for the attacker from such an attack? The form does not have > any field to enter own information that could be passed to the recipient - > just login, password and email - so all the recipient gets is a standard > message saying that someone registered an account named XYZ on my website > using their email address, and if they want to confirm it, they should > click > the link, otherwise do nothing and the registration will expire in 24 > hours. > How can anyone benefit from spamming people with such messages? > -- > Regards, > Jaroslaw Rafa > [email protected] > -- > "In a million years, when kids go to school, they're gonna know: once there > was a Hushpuppy, and she lived with her daddy in the Bathtub." > _______________________________________________ > mailop mailing list > [email protected] > https://list.mailop.org/listinfo/mailop >
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
