Blog Post graph for "Introducing-Potentially-Compromised-Account-Reporting"


Introducing (Potentially) Compromised Account Reporting

Compromised accounts are one of the biggest issues today. These accounts are often used to send spam, phishing, and malware, which results in endless problems on several levels.

So, starting today, we’re going to do something to help you with those compromised accounts.

In December 2019, we found some interesting data coming from a set of special traps we run. Those traps receive a ton of SMTP Authentication attempts for external domains (not for our trap domains). This raw set of data alone helped several of our customers to find and close down hundreds of compromised accounts.

The data is inherently noisy due to dictionary attacks, past compromises, or password leaks. We did some magic tricks to make this data available with the minimum amount of noise and the maximum possible value.

From today on, we create daily summaries of all the compromised accounts we’ve observed over the previous 24 hours, add necessary metadata, and send it to the affected Postmasters and Abuse Desks.

You have more questions? Check out our docs page for more infomation

This mechanism provides immediately actionable data to catch compromised accounts and handle them with the focus they need and deserve. 

If you have any questions, feedback, or suggestions, please feel free to reach out to us via our online chat feature at the bottom right of this page or use the form below.


Read More


(Editor’s Note: This article was updated on March 21, 2024) We have received this question several times through our support...


For providers serious about abuse, the importance of network security and <a class="glossaryLink" aria-describedby="tt" data-cmtooltip="cmtt_93e0d29896165aef0ba9cc3a4a71bf4a" href="" data-mobile-support="0" data-gt-translate-attributes='[{"attribute":"data-cmtooltip", "format":"html"}]' tabindex="0"...