Spam to all my legitimate accounts... Umm?

So I fired up mutt tonight to check my mail, and got the same message about ten times. I'm looking, and it was sent to most of the legitimate accounts/aliases on my domain. (All of which get to my mailbox.)

What I'm concerned about isn't that I'm getting spam, but how they got my account. Some are very limited-use. (fafsa@mydomain -- given for my student loan.... mom.cell@mydomain -- an unpublished forwarder to my mom's cell phone.)

How exactly do the spammers know to target these? I'm thinking 1 of 2 things:

1.) Someone (my mom?) to whom I've forwarded various e-mails using various mailboxes has gotten a virus, that has harvested these and sent them off to spammers?

2.) Someone has somehow obtained a listing of all my cPanel mail accounts.

Not to sound like a snob (?), but I haven't had to deal with viruses in a couple years (if you're careful, it's really not that hard?). Is #1 going on a lot these days? (And if so, has anyone made a link between the virus and the spammer themselves and filed massive criminal charges?) Is there a known exploit that allows #2?

Someone tell me I can stop freaking out. Spam to all my legitimate accounts... Umm?

 

 

 

 

Top