On April 4, Yahoo published a DMARC reject policy, telling mailbox providers to reject any mail from a Yahoo domain if it doesn’t come from Yahoo’s own servers. Today, AOL confirmed that many of its users have also been compromised, and the spammers are spoofing their addresses to send mail to their contacts. Yahoo made it hard for them to spoof Yahoo users, so they moved on to AOL. Today, AOL announced that they, too, have implemented a DMARC reject policy.
If there is one word to describe a cybercriminal, it is agile. Where will they go next?