just found the following phishing mail in my INBOX addressed to an unique email address only used for my dyndns account:
To:
Subject: My resume
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="__MESSAGE__ID__ABcSZaXcVzngFw"
--__MESSAGE__ID__ABcSZaXcVzngFw
Content-type: text/html; charset=utf-8
Content-Transfer-Encoding: 7bit
Hello,
Thank you for getting back to me about the clerk position.
I really want to be a part of the company and the job sound great.
So I'm sending you all documents with the scan of my passport.
Looking forward to your reply.
Thank you.
--__MESSAGE__ID__ABcSZaXcVzngFw
Content-Type: application/x-msdownload; name="Resume_CV_Passport_Scans.zip"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="Resume_CV_Passport_Scans.zip"
...
Googled "dyndns hacked" just after reading this mail and found this board.
I emailed them directly around the time I made the original post here, and got a response from Dyn asking for the spam/scam message and full headers. (which I sent) Seeing that other users are also getting the same spam kind of confirms my suspicion that the Dyn email list is "out there".
Now the question is how it got there-- either via 3rd party, or system compromise.
·
·