Posted By: ITWiser Webmaster - Yorkshire's IT Specialists
Posted By: ITWiser Webmaster
MailChimp ‘working’ to stop hackers throwing malware-laced spam from accounts
Email newsletter distribution service MailChimp mainly used for sending newsletters, bulletins and in some cases invoices and order confirmations have assured they will act on the misuse of accounts to send malware-tainted spam.
Security experts have been becoming increasingly frustrated that the problem has been going on for months. Contaminated messages sent through the MailChimp network can pass authentication checks which cause problems. Also, email providers often whitelist MailChimp, so together this means that any dodgy messages sent are much more likely to reach recipients’ inboxes. Criminals are hacking into MailChimp’s network to send false invoices and malware-tainted emails.
In one scenario, Red Bull Records MailChimp account was breach, and the database abused to send Apple-themed phishing emails. It is assumed that spammers have gained access by a vulnerability in MailChimp itself, a weak third-party plug in that combines into MailChimp, or customer information being stolen through phishing attacks.
In response to queries MailChimp acknowledges the problem and said that unspecified initiatives would address it. It advises, in the meantime, users should lock down their accounts by using a two-factor authentication.
To protect your systems from this, and other malware threats, you should ensure that your office computers are protected with Cloud Web Security. ITWiser’s cloud Web Security solution employs state of the art antivirus, antiphishing, and an antispyware and malware engine to provide unparalleled protection from malicious content. Get in touch with ITWiser about Cloud Web Security today.