Under the topic “My account is sending spam emails”, this from a giant, ever-growing thread in Google’s Gmail product forum:

My email account has sent out 3 spam emails in the past hour to a list of about 10 addresses that I don’t recongnize. I changed my password immediately after the first one, but then it happened again 2 more times. The subject of the emails is weight loss and growth supplements for men advertisements. I have reported them as spam. Please help, what else can I do to ensure my account isn’t compromised??

This is followed by a wave of people with similar experiences. Making my way through the thread, it appears that this is a weakness in a specific DNS implementation, a hole in the system that makes spoofing via Canadian national telecommunications company Telus open to anyone.

This from Telus’ official Twitter account:

There are currently spam emails being circulated which are disguised to appear from https://t.co/rpexKwMFiR. We can confirm they are not being generated by TELUS nor are they being sent from our server. We are working with our 3rd party vendors to resolve the issue. pic.twitter.com/LzYZMTU0ZN

— TELUS Support (@TELUSsupport) April 22, 2018

And see this Hacker News post for more of a deep dive.

Another example of how delicate our tech infrastructure can be.