On Sun, 6 Jan 2013 10:26:10 +0100 Juan Jose Garcia-Ripoll <[email protected]> wrote:
> It seems that my email account was compromised from USA, using SMTP access > to gmail (is this possible at al?) to send email to all my contacts and > lists. That's possible without SSL via SMTP if it requires authentication, via POP3/IMAP, or with spyware on a system you used, cross-site-scripting (XSS) site vulnerabilities (I'm not sure if gmail is vulnerable to that, basically it permits another site to issue a command on behalf of one of your already logged-in accounts, like sending mail in the case of a webmail account by issuing an especially crafted HREF or FORM; sites whihc are not vulnerable to this usually also require a code to be used as part of the command which is hard to guess)... It's unfortunately all too common for webmail accounts to get compromised, and you don't need to feel responsible, other than trying to correct the situation, which you're already doing :) BTW, I hope your eyes are better, -- Matt ------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnmore_123012 _______________________________________________ Ecls-list mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/ecls-list
