On 3/27/2025 3:55 PM, Jaroslaw Rafa via mailop wrote:
Hello, a few days ago someone managed to abuse an account registration form on my personal website and a few dozens of random recipients at different domains (mostly at Yahoo) got registration confirmation emails from my address. The scale of the attack was not big, it was about 20-30 mails in total until I noticed it and secured the form to block the attack. However I wonder - and here I'm looking for your opinion - what can be a possible gain for the attacker from such an attack? The form does not have any field to enter own information that could be passed to the recipient - just login, password and email - so all the recipient gets is a standard message saying that someone registered an account named XYZ on my website using their email address, and if they want to confirm it, they should click the link, otherwise do nothing and the registration will expire in 24 hours. How can anyone benefit from spamming people with such messages?
It might be relatively small volume to your server, but I've seen them be used to contribute to transactional email-bomb attacks in concert with hundreds/thousands of other similar abused forms/services to hide activity such as password reset notifications to real (important) accounts, or bank transactions/notifications, etc.
- Mark Alley
_______________________________________________ mailop mailing list [email protected] https://list.mailop.org/listinfo/mailop
