[kwlug-disc] I added you as a friend on Quepasa.com
unsolicited at swiz.ca
Sat Dec 4 13:53:09 EST 2010
John Johnson wrote, On 12/04/2010 12:27 PM:
> At 11:46 2010-12-04, Oksana Goertzen wrote:
>> I think the problem occurred for a number of reasons, I'm using Gmail
>> and it
>> linked into my Gmail account and sent a number of emails as though they
>> came from me directly.
> A similar thing happened to a coworker a while ago and to a relative
> recently. I will call it loop-back malware. The coworker had his gmail
> account open one on browser tap/page while browsing elsewhere. The
> loop-back malware came in and found his gmail account and mailing list
> etc. Then masquerading as the user, the malicious malware mailed
> mischievous maybe malignant or malevolent missives to the multitude.
So, note to self - don't stay logged in to gmail, or any other service
(yahoo, web mail, facebook?) any longer than you're actually using it,
and never remember / store passwords?
And a defence is to enable whatever preventative settings are present,
to disallow one site's data (cookies, at the least?) to be accessed by
another site? (This / these are the cross-site scripting 'settings'?)
Which becomes more and more irritating these days, as more and more
things link in to facebook, google, and whatever. Including Open ID.
More information about the kwlug-disc_kwlug.org