Windows Live and SkyDrive are safe havens for spammer?

Microsoft is rising quickly on a running list of the Top 10 Worst Spam Service ISPs as maintained by spamhaus.org [Wiki], a group that tracks unsolicited commercial e-mail. Brian Kreb on Washington Post blog reports that spammers are using Windows Live, through live.com and livefilestore.com domains to redirect visitors to sites that peddle fake pharmacy products, porn and […]

Microsoft is rising quickly on a running list of the Top 10 Worst Spam Service ISPs as maintained by spamhaus.org [Wiki], a group that tracks unsolicited commercial e-mail. Brian Kreb on Washington Post blog reports that spammers are using Windows Live, through live.com and livefilestore.com domains to redirect visitors to sites that peddle fake pharmacy products, porn and Nigerian 419 scams.

Microsoft over the past few days slid down to #5 from  #9 of its earlier this month listing. One problem is in blocking a popular site such as microsoft.com causes its own problems, according to the blog post:

Richard Cox, Spamhaus's chief information officer, said spammers advertise the links at Microsoft's properties by the tens of thousands at a time, because they know anti-spam groups are unlikely to block Microsoft properties outright.

Spammers are using SkyDrive accounts to hold snippets of javascript code that, when run, redirect anyone led to them by an email link to various scammer websites, including gaming and online pharmacy sites. Others have reported on problems with spam hosted on SkyDrive accounts recently as well, according to Kreb.  In January, McAfee wrote about it in a blog post of their own, and last month UK security firm Marshal  posted as well

Microsoft has been slow to react to the issue, according to Cox: "It should not be difficult for a company with Microsoft's resources to identify and mitigate that abuse in-house without any external input, but so far this has not happened," Cox said. "Microsoft's live.com system has for some time been supporting an illegal drug sales operation, and Microsoft has known this."

Full Article

Source:→ LiveSide