Australian online ticketing service Tickemaster has been hit by a phishing raid that has defeated Spam filters. Several Reg readers report receiving multiple emails yesterday (Vulture South received nine), all purporting to report newly-purchased tickets. The messages evaded Spam filters, although Gmail has since re-classified …
Saw these hitting spamtraps yesterday...
...and had to laugh. There was no payload - all the links in them were to ticketmaster's website. At least, they were in the examples I saw.
These particular ones aren't too hard to keep out - after the fact. Turns out there are some trivial checks you can do based on Ticketmaster's envelope-sender address format for legitimate transactional emails. Unfortunately, though, it's the kind of thing where you don't know you need a simple new new rule until the spew starts flooding in.
I don't know why the spammers would bother phishing
Ticketmaster store passwords in plaintext, may as well focus your efforts on lifting the DB.
- Pic Mars rover 2020: Oxygen generation and 6 more amazing experiments
- Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
- Boffins spot weirder quantum capers as neutrons take the high road, spin takes the low
- Plug and PREY: Hackers reprogram USB drives to silently infect PCs
- Review Fiat Panda Cross: 'Interesting-looking' Multipla spawn hits UK