Ashley Madison hack: Don’t click on that mail from the ‘cheating website’

Since August 19, a day after the customer database of the cheating site was posted online, Symantec claimed to have blocked thousands of spam emails listing domains relating to Ashley Madison in the “to” or “from” fields.

Among the domains blocked were:

ashleymadisonaccounts.com
ashleymadisonlegalaction.com
ashleymadisonlistleak.com
ashleymadisondata.net
ashleymadisondata.info
ashleymadisondata.co.uk
ashleymadisondata.org
ashleymadisonteam.com
ashleymadisonleakeddata.com
ashleymadisonnews.net
checkashleymadison.com
ismyhusbandonashleymadison.com

From August 22, further spam campaigns have been blocked that contain references to the website in the subject lines of emails. Blocked subject lines included:

“How to check if your email is part of Ashley Madison’s hack”
“Ashley Madison Hack Should Scare You”
“How to Check if You Were Exposed in Ashley Madison Hack”
“Ashley Madison records leak”
“Ashley Madison Hack Update”
“Ashley Madison hacked, is your spouse cheating”

Symantec claims Ashley Madison has always been the subject of some spam activity with subject lines like “pending message from ashleymadison.com” being reported earlier this year.

But there has been a spike since the data breach with the number of spam campaigns blocked going up substantially since August 18.

Security writer Brian Krebs has even who some scammers were resorting to blackmail of people whose details had been exposed with one email demanding bitcoin worth US$225 in exchange for a promise of non-disclosure.

Symantec advises that people should be very wary of any email purporting to relate to the leak and exercise caution with websites offering to check if someone’s details are included in the breach. “Do not pay anyone offering to remove personal details from the leaked data, since this cannot be done. This information is already in the public domain and multiple copies exist,” said a post from the firm.