Security News Mailboxes are currently flooded by password reset, newsletter or account confirmation mails – it's an attack

Gandalf_The_Grey

Gandalf_The_Grey

Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,868
Content source
https://borncity.com/win/2024/02/25/mailboxes-are-currently-flooded-by-password-reset-newsletter-or-account-confirmation-mails-its-an-attack/
A German blog reader contacted me this week and reported a worrying observation made by one of his customers. The customer is receiving a flood of requests to reset his passwords, to confirm a newsletter or a now user account. The messages really do come from the services in question. At the moment, it is still somewhat unclear what exactly is behind this. But my suspicion is, that this email flood shall hide a breach of an account.

It's suspected, that attacks on various content management systems (CMS) and websites are made, where password resets are triggered automatically. Or bots created newsletters and new accounts on different services in behalf of a victim. It is possible that something is triggered in brute force attack attempts on these systems in terms of password resets. However, I have a case in mind from 2020 where a PayPal account hack was to be concealed by something like this. Here is, what I know so far.
Click to expand...
borncity.com

Mailboxes are currently flooded by password reset, newsletter or account confirmation mails – it's an attack

[German]A German blog reader contacted me this week and reported a worrying observation made by one of his customers. The customer is receiving a flood of requests to reset his passwords, to confirm a newsletter or a now user account. The messages really do come from the services in question. At...
borncity.com
 
  • Like
  • +Reputation
Reactions: silversurfer, scorpionv, n8chavez and 5 others
n8chavez

n8chavez

Level 21
Well-known
Feb 26, 2021
1,079
I have been getting a lot of email, supposedly from pcloud, that says my account was signed into and to verify it was me. However, the from address is not a pcloud address. But it looks identical to one that pcloud has sent before. Be on the look out for things like that too, I guess.
 
  • Like
Reactions: scorpionv and Gandalf_The_Grey

Similar threads

Gandalf_The_Grey
    • Wow
    • Like
Security News Indian tech giant Tata Technologies hit by ransomware attack
Replies
0
Views
494
Security News
Gandalf_The_Grey
Gandalf_The_Grey
Jonny Quest
    • Like
    • Hundred Points
Security News Malicious Chrome extensions can spoof password managers in new attack
Replies
18
Views
2,359
Security News
lokamoka820
lokamoka820
oldschool
    • Like
    • Applause
Security News Passkey technology is elegant, but it’s most definitely not usable security
Replies
4
Views
1,503
Security News
Wrecker4923
Wrecker4923

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top