The use of compromised (e.g. stolen credentials or hacked) accounts to send spam and scams has increased throughout 2011 to become a growing percentage of the unwanted email that is being sent by spammers.
The increased use of compromised accounts raises several questions:
• What accounts are targeted?
• How are the accounts compromised?
• Are the accounts used for other purposes besides spam and scams?
• How do users figure out that their account is compromised?
• How do users regain control of their accounts?