WBrown wrote: > Are the credentials really stolen, or is the ratware actually using > the credentials that belong on the zombied computer. I would bet the > later. User changes password without cleaning off the infection and > goes right back to sending spam.
... in which case you can infer that they're infected, and the problem has gone from a technical one to a business one. Do you cut off the customer's access, fix their infection, send them a warning note... ? -- Matthew.van.Eerde (at) hbinc.com 805.964.4554 x902 Hispanic Business Inc./HireDiversity.com Software Engineer _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang