Spam/Scam-busters
Admin
November 4, 2007, 2:15pm

Ctrl-Alt-Del-Aye-Right!
Admin
Posts: 608
I rate spammers and their relatives as some of the filthiest scum on the earth because they prey on the innocent and vulnerable. People too naive and technically unable to defend themselves from attack by criminals out to steal, con, extort, blackmail, or otherwise extract money or resources for them while they hide behind the vastness of the internet. Their attempts may be seen as little more than the odd nuisance email (if it's not a stealthy attack), but this represents only the tip of a massive, dangerous, and highly organised criminal activity with no emotions, and the single aim of ruining anyone they can get their hooks into.

The following article is nothing particularly innovative, but I liked its simplicity, and it does give a few pointers in straightforward language that might help someone, so it deserves to be spread by the good guys in the White Hats - pity we can't distribute it using spam methods

Anatomy of a spam e-mail
A daily chore of modern life for many is the morning trawl through a full inbox deleting spam email. But just where does it all come from and why do spammers use bizarre text, names and images in their emails?

http://news.bbc.co.uk/1/hi/technology/6038236.stm



The Fox
November 4, 2007, 3:26pm

Secret
Posts: 2,131
I have found that using the Block Sender routine keeps the number of spam messages down a bit, presumably they have to use a new fake address every time. It is certainly better than just deleting them as they then seem to multiply a lot. The message rules help a bit too but they seem to cotton on to this one and change the words used, particularly for viagra ads.



Admin
November 4, 2007, 5:22pm

Ctrl-Alt-Del-Aye-Right!
Admin
Posts: 608
Doesn't happen (much) to me - as ignoring/deleting is the simplest and most effective treatment, assuming you have some sort of protection installed. Block Sender (or Blacklist) is ok, but they have thousands of addresses to send from, so is really only effective if the list comes from a provider. Fingers crossed, I have these in the wings, but haven't needed them yet (whistle)

I just got an email from another webmaster who has had to cancel and replace his private email address as a nasty type of spammer used it as the source of their filth, so there are all sorts of hazards other than incoming spam.

For anyone that hasn't had this piece of advice, NEVER, and I repeat NEVER use the unsubscribe option or link on spam. This merely confirms that your email address has someone live at it to read their muck, and will increase your popularity. The link is fine, and safe to use on legitimate sites of course, but never on anything unsolicited.

I thought I'd have a quick look at the current spam criminal summaries, and see what's hot at the moment, and there are some handy examples to echo my warning about how dangerous it is...

Spam king and online drugstore operator Christopher William Smith, aka Rizler, 26, who is awaiting trial at the Sherburne County Jail, Elk River, Minn., used his phone privileges to arrange a hit on a witness and the witness's family. According to the indictment, Smith called an acquaintance from jail March 4 and allegedly stated he intended to threaten and intimidate a witness he expected would testify against him in his upcoming trial on drug and other charges. The indictment alleges Smith also said he intended to have the witness or the witness's family killed.

David Lennon, 18, used an e-mail-bombing program called Avalanche to send approximately 5 million messages to his former employer in 2004. The flood crashed the company's e-mail server.

Jeanson James Ancheta, 21, was sentenced to nearly five years in federal prison for using malicious software to seize control of 400,000 computers and then selling access to the zombie machines to spammers and hackers.

Sergey Kazachkov, of Voronezh in central Russia, former lead guitarist for Kazakhstan heavy metal band DLM turned science student, escaped jail after being convicted of running websites that distributed an estimated 4,000 different computer viruses.

A default judgment against Sanford "Spamford" Wallace and his company, SmartBOT.Net, orders them to give up $4,089,500 in ill-gotten gains.

Russians selling "spyware for lamers" kits for $15. Branded as WebAttacker, the script-kiddies' dream kit provides an overview and index to all the freeware and shareware spyware creation packages available on the Internet. The kit includes spam-sending techniques to lure victims to compromised Web sites and a number of applets and scripts that simplify the task of infecting computers.

Jumpstart hit with $900,000 spam fine. Jumpstart Technologies LLC will pay a $900,000 civil penalty for violating the CAN-SPAM Act, the largest penalty yet for illegal spam, according to the Federal Trade Commission (FTC).

Four indicted in Nigerian email scam. As part of a massive advance-fee scheme, the defendants allegedly sent spam e-mail to thousands of potential victims in which they falsely claim to have control of millions of dollars located in a foreign country that belongs to an individual with a terminal illness.

Admin
November 5, 2007, 1:56am

Ctrl-Alt-Del-Aye-Right!
Admin
Posts: 608
Inspired by this thread, or more likely just realising that I knew how to add the required code, I took the opportunity to add the interesting Spam Poison option to the Main Site.

This is a novel approach to the problem of spammers, and is unpopular with some 'experts', that uses their own methods against them.

When their bots crawl through your site, trying to harvest any email addresses that may appear inside it, they are directed to the Spam Poison site, which delivers millions of email addresses to the spammer's automated email generators - and every one of them's a falsie, dead as a doornail

See the Spam Poison site for details: http://english-112489902395.spampoison.com/

I'll probably have a trawl around the Forum template, and look for a handy slot to plug a similar link in here as well (shhh)

(dance)

Oh, well...

That took all of 30 seconds (it's down at the bottom).

Apollo
November 12, 2007, 1:59pm

Forewarned is Forearmed
Secret
Posts: 5,422
I wandered by a site I have a tenuous connection with, and noted that it had had a revamp, and that the owner had set up a blog - only two entries, and in one he was making a big song and dance about his email address being abused, and getting no help from Ofcom, and having a dig at them too. When I noticed that he was accusing BT of this heinous offence, I had to look closer, and found he was 'Out of Order'.

Here's the bulk of the issue, and if this is the sort of thing that Ofcom are not pursuing, then at least we know they are not wasting resources needlessly...

Spam and abuse of email addresses
Today I received an email from BT. Nothing wrong there you might say except the email address was one I used for online ordering from DABS. BT bought DABS and, it seems, they are using the DABS email list. Again, you might say so what? The email was not for DABS products but BT products and you were linked to their shop not DABS.

Even though I did allow DABS to use my email address for marketing, I did not tick the box marked "third parties".  According to Ofcom (waster of space really) this is an abuse of my email address.

I have complained to BT but only received a stock reply. I have tried to use Ofcom in the past but they really aren't interested and offer an online form that seems more geared to discouraging you from pursuing the process.

Grrrrr.


Without eyes on the BT contract drawn up to govern their purchase of DABS, I can only make assumptions, but having done similar, I can't see an organisation the size of BT buying an operation like DABS without having all its agreements Novated, or legally passed to them as part of the deal. This would include DABS customers, and all information and agreements relating to them - in other words, BT becomes DABS so far as any existing deals are concerned, so Mr Grrrrr becomes a BT customer when the deal is done. If he has a problem with BT, then he contacts BT, in the same way as he could have contacted DABS, and says "Remove me, I no longer wish to be a customer". Ofcom doesn't enter the picture at any point - this is a business deal.

Reading between the lines, Mr Grrrrr says "According to Ofcom (waster of space really) this is an abuse of my email address", however he also goes on to say he complained to BT and got a stock reply (why complain - ask to be removed), and used Ofcom in the past, so the 'According to Ofcom' remark is just that, his interpretation of the rules. It is also blatantly incorrect as he has stated he 'did not tick the box marked "third parties"'. Fine, and would be a reason to complain, if BT had been a third party that DABS passed his email on to, but they weren't. BT acquired DABS, and probably all their staff, assets, liabilities, contracts, and... customers.

It's a shame that Ofcom etc have to waste their time on nonsense like this, marked as spam, while the real spam piles up in our mailboxes offering all sorts of questionable medicines, questionable sexual advances from foreign lands, and millions of £/$ of wealth - and ruins the lives of the vulnerable folk that respond, generally poor and with mental health problems.

And Mr Grrrrr wants them to waste time over one email he got from BT, that wasn't even spam anyway.

Grrrrr!

Apollo
December 13, 2007, 3:15pm

Forewarned is Forearmed
Secret
Posts: 5,422
Here's an interesting article about spam, and how they get away with it. Two things strike me...

http://news.bbc.co.uk/1/hi/magazine/7140449.stm

1
If "Ignorance of The Law is No Excuse", then why can those providing services to spammer scammers claim immunity by saying they have no knowledge of what those they are providing services such as credit card handling, while ordinary mortals can't, for example, escape speeding prosecutions by claiming not to know what the speed limit was?

2
Although the trail is convoluted, the researcher was nonetheless able to follow much of it. If there was any real desire or intent to quash spam scams, then it seems fairly obvious to my simple mind that it wouldn't take much effort to tie together the authorities and the ISPs, and create software similar to that used to detect and bar stolen mobile phones automatically. Do the same to the scam spam chain, and since these crooks want an easy life, the increased effort (of which there is none at all at the moment) would make them fed up.

There doesn't seem to be any official enthusiasm to kill this - is it possibly because it doesn't provide tangible statistics of the number of victims? How many are in a rush to report their various patent organ expanders and weird medicines have cost them dear?

One repeat... if you note the closing comment in the articles, remember NEVER to reply or respond to any sort of spam, even to accept or confirm that you want to unsubscribe, or cancel it. All this does is CONFIRM to the scammer that there is a real, live person at the email they targeted, and you can depend on a lifetime of further spam to your account.



The Fox
March 13, 2008, 9:35am

Secret
Posts: 2,131
Over the past few weeks I have been receiving a deluge of spam, mostly offering dubious medical assistance.  Over the past couple of days I have been receiving pages with no title and no sender or addressee details and what seems to be acres of code.  When I tried to block the sender I hit a screen which said that one or more of the senders could not be blocked.

I do not open spam merely delete it.

Advice would be appreciated.

Admin
March 14, 2008, 5:48pm

Ctrl-Alt-Del-Aye-Right!
Admin
Posts: 608
Deleting without opening is always a good idea, especially for those varieties with the subject line of "I thought you'd like this", which don't have the usual medical/sexual signs up front. Makes it tougher to come up with meaningful subjects for your own real messages though - so they don't get binned.

Once your email is "In the loop" there's nothing you can do about it, other than ensure you don't slip and accidentally read/reply and confirm it is 'live'.

I used to have another forum member that really was a Little Old Lady, and every time she emailed me I knew this would be followed by a period of weeks during which I would then receive a torrent of filth as it was clear that her machine had something installed on it that was using her active address book as a source of addresses to spam.

One of the easiest ways to have the rubbish blocked is to use one of the big webmail services. I've used lycos since day one, and it hasn't let me down. They had some sort of revamp recently, and although it seems to have caused some technical hiccups with the method I use to access it, I haven't seen a single spam message since they made the changes, previously there had been a few appearing each week.

I also use Google mail, which to date has filtered thousands of spam messages and not let even one into my inbox - unlike lycos, google lets you review what it's caught in case it has been too keen, but I have never found a genuine message being wrongly barred.

I never touched hotmail with even the proverbial 'barge pole' because of its origination amongst kids and nerds in the early days - years ago, one business colleague even admitted if a client had a hotmail address, he'd quietly find a way to drop them!

(I don't know if Google email accounts still need an invitation from an existing user - if so, anyone can ask me as I have built up a reserve of hundreds of invitations)

With regard to using blocking or rules in something like Outlook or Outlook Express, I wouldn't waste my time with this nowadays, as you could spend the rest of your life filling in black/whitelists to no avail, as the spammers are changing their details continuously to ensure that manually updated lists are quickly rendered ineffective.

I'm also tempted to advise throwing away any of the big name anti-virus/spam packages like Norton or McAfee. For one, you're blackmailed into subscribing to them for the rest of your life or they will go obsolete, and for another, they're a pain as they seem to be poorly written, and forever appear in lists describing installation problems with other software.

Again, since before it was known in public, I've used an anti-virus and email protection system from AVG. Free for personal use, AND subject to free, daily, automatic updates if you are on the web:

http://www.grisoft.com/ww.product-avg-anti-virus-free-edition

I used to run a stack of programmes to guard against external problems, but with the Google and lycos services killing the mail threat better than I can manually, and AVG doing the business locally (it integrates with Outlook) I just don't bother with anything else now.

Alerts from AVG have fallen to 2 or 3 over the course of a year, usually false alarms arising from software that is known to trip anti-virus alerts.

There's only one genuine threat that I see occasionally, and it usually arrives if someone sends me something apparently legit, but which they have obtained from a less than savoury site. AVG shouts at me immediately, and identifies it as carrying a payload that wants to use my PC to download software without letting me know it is happening.

There is one other thing to bear in mind, and that is that you (or anyone you know) don't have to do anything wrong to be the recipient of this stuff. It's very simple to write routines to create millions of email address names automatically, and then just tack @whatever.com on to the end of them, and leave that code to send those emails forever. So the odds of it generating your, mine, or anyone else's address at some point is inevitable.

The Fox
March 14, 2008, 10:11pm

Secret
Posts: 2,131
On further inspection the messages appear to be the standard dollar loans, viagra and enlargement spam. The strange thing is that they come up on the Inbox list as a completely blank line and also show no sender or addressee. It is all a bit strange. I am certainly under attack from somewhere. I had 43 spam emails this morning and another 6 by tonight.

I have updated McAfee and scanned My Computer and Drive C - nothing was found. The machine is operating normally except that it seems to take longer to start up.

Thanks for the advice.

Admin
March 14, 2008, 10:52pm

Ctrl-Alt-Del-Aye-Right!
Admin
Posts: 608
The blank lines etc indicate that this has nothing to do with you or your computer, and that the junk is probably being generated automatically by bulk mailing lists and automated spam generators.

If you actually open one of those messages (I know, bad idea, but the actual likelihood of opening one with a payload is small in reality, and your email scanner should catch it if it's any good), then you will find there is a Properties option that will let you see the full header of the message, and that can give you more clues as to how it got to you.

I think I mentioned this before, but it bears repeating, and if you want to use a temporary/disposable email address to get into a site that won't let you access it, or download free or trial software without giving your email (which you probably don't want to do just for that), then use something like...

http://www.guerrillamail.com/

Guerilla Mail is for sale! $7,500 down from $15,000. Interesting, but not worth it - if the buyer sticks ads on it, then the sort of folk that use it will ignore them, and if the service had a charge, even a small one, then they'd just go elsewhere. Pity.

I've never had many spam mails, even on openly published addresses on domains I operate. I suspect that's only because I don't ever, ever, respond to any of the rubbish in any way, and confirm that someone has opened and read the spam mail.

I got an interesting one the other day. It was a job/dealership offer, and an initial check showed it was genuine (when I say 'genuine' all I mean is that the info was genuine as was the business concerned - a software business near Poland), but checking the email and hosting details showed they had nothing to do with the business the mail was supposed to come from, and originated from a known source of spam. The spammer had hijacked the real company's appearance, description, name etc to create their 'hook', but had still made the spammer's mistake of not understanding that if they can't write in English, and make basic spelling and grammar errors, then none but the retarded (sorry, just being realistic) will pay them any attention, so it all seems very pointless and time-wasting.

Just ride it out, it can take months for a surge to waste away. Resist the urge to send return emails telling them to Foxtrot Oscar, I've seen it tried - bad idea, and/or use Google/Lycos webmail in public.

The Fox
March 15, 2008, 4:31pm

Secret
Posts: 2,131
It is not an address I use much on the web except for utility companies etc. The hotmail one I do use has never (so far) had any spam strangely enough. I guess it has come from a contact's infected computer. It does tend to suggest that Toucan doesn't care much about spam although it has to be said, I never received one spam message until about a year ago.

Apollo
April 26, 2008, 10:33pm

Forewarned is Forearmed
Secret
Posts: 5,422
Found a new article that follows on in the series that this thread started with...

Spam blights e-mail 15 years on

I think the most interesting point made in the article is that all the spam is generated in Russia and China, and sent to the west, and while the west is working to fight spam, Russia and China don't give a damn because it's not being sent to them - even though it's people in the US that are funding/originating it.

Worse still, they reckon 200 people are responsible for 80% of spam.

200 isn't all that many, and I don't think anyone would shed a tear if Black Ops or Wetworks were sent out to 'neutralise' this particular group of 200, and deter any wannabees from replacing them as a by-product.

The Fox
April 27, 2008, 7:50am

Secret
Posts: 2,131
That is a bit depressing!

Apollo
May 6, 2008, 2:06am

Forewarned is Forearmed
Secret
Posts: 5,422
If I should fail to be heard of for a while, then it may have something to do with becoming 'not quite' a millionaire

The following notification was received the other day... FROM: THE DESK OF THE VICE PRESIDENT no less

While reading this, it might be worthwhile pulling up the online El Gordo results page, which seems to think The Last Draw Date was: Saturday, March 8th 2008

There is only one worrying aspect, and that is the lack of demand for any money or personal information on the claim documentation that accompanies this - I can't immediately see where the scam is!

Maybe the fax or phone number is one of the nasties that is organised to redial you and reverse charge you £100s.

What you can't see are the dreadful graphics on the headed paper. Quite what a bad, chunky, low resolution scan of AXA's logo has to do with El Gordo I don't know, but it wouldn't surprise if AXA were to sponsor a scam, given the amount of times their logo is shown incessantly on ITV, and the pathetic returns their bonds provide to small investors - you might make more leaving your cash under the bed and selling the fluff that gathers on it.

The Fox
May 6, 2008, 7:37am

Secret
Posts: 2,131
I have started getting what I am sure is spam but purports to come from MSN!

Apollo
May 6, 2008, 9:38am

Forewarned is Forearmed
Secret
Posts: 5,422
The clever ones are quite good, a lot of those pretending to be from banks and big organisations like MSN use original graphics clipped from real sites, and pasted together to make official looking documents/emails.

The giveaway is when they ask for personal data of the type you never ever release, and then a look at the header info and source usually reveals an email origination that looks like it is real, but has odd characters when inspected. They depend on that odd feature of reading that means provided the first and last letters of a word are in the correct place, your brain will 'correct' the ones in between if they are in the wrong order, or only slightly mis-spelt.
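
Added example (not part of the original posts): a small Python check for the sender-address giveaway described in the post above, where the From address looks real until inspected. The allowlist, the finding names and the sample addresses in the test are constructed assumptions, and taking the last two labels as the registrable domain is a simplification.

```python
from email.utils import parseaddr

# Assumed allowlist: brand keyword -> domains that brand really sends from.
KNOWN_SENDERS = {"msn": {"msn.com"}, "microsoft": {"microsoft.com"}}

# Digits commonly swapped in for look-alike letters (0->o, 1->l, 3->e, 5->s).
DIGIT_FOLD = str.maketrans("0135", "oles")


def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def is_legit(domain, allowed):
    """True if domain is an allowed domain or a subdomain of one."""
    return any(domain == d or domain.endswith("." + d) for d in allowed)


def check_sender(from_header):
    """Return a set of findings for one From header value."""
    display, address = parseaddr(from_header)
    domain = address.rpartition("@")[2].lower()
    if not domain:
        return {"no-sender-address"}

    findings = set()
    # Non-ASCII or punycode labels can hide look-alike characters.
    if not domain.isascii() or any(
            label.startswith("xn--") for label in domain.split(".")):
        findings.add("non-ascii-domain")

    # Simplification: treat the last two labels as the registrable domain.
    registrable = ".".join(domain.split(".")[-2:])
    folded = registrable.translate(DIGIT_FOLD)

    for brand, allowed in KNOWN_SENDERS.items():
        if is_legit(domain, allowed):
            continue
        # The display name claims the brand but the address is elsewhere.
        if brand in display.lower():
            findings.add("display-name-mismatch")
        # The domain is a near miss of the real one (swapped, dropped or
        # substituted characters), which the eye tends to "correct".
        if any(edit_distance(folded, d) <= 2 for d in allowed):
            findings.add("lookalike-domain")
    return findings
```

An empty result only means none of these three checks fired; it says nothing about the rest of the message.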
Apollo
July 26, 2008, 11:16am

Forewarned is Forearmed
Secret
Posts: 5,422
Apparently unconnected, judging from their domains, I received three mails which might have delivered something nasty onto my PC this week.

In a new ploy I haven't come across before, I saw the messages which were reasonably well titled, and noted that UPS had tracked two failed deliveries to me, and that those nice people at Customs wanted me to confirm details to release a parcel (oddly, not HM Customs or Customs and Excise).

Inspecting the messages showed they all claimed to have forms for me to download and print out, then fax back once I had signed them.

Needless to say, things never went that far, even though I was curious to see what was on the forms.

There were, of course, no forms, and as I probed just a little further I found that these documents - which had had their icons edited to make them look like Word documents - were actually executable program files. Since I'm no longer amused by battling these things, they were deleted and the domains reported to my mail provider, but anyone that simply opened these up normally, even just to read them without printing, could be in for a nasty surprise.

As I always say, if email arrives that you don't expect, ALWAYS don the rubber gloves and get the tools out before touching it - or just delete it without thinking. If it's something that important and not pre-arranged, the sender should be using something a tad more reliable anyway.

Just for good measure, I also got a letter this morning, the content of which suggests someone is having a try at getting a form of credit using some of my details. Unfortunately for them, I happen to deal with the organisation involved, so I can have a little word with them at start of business on Monday. I should win either way, spoiling some piece of thieving scum's day, and giving me some comeback if the company doesn't pay attention and I get a bill that's not mine at some time in the future. While that shouldn't happen given the degree of details involved, I like to play safe.
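
Added example (not part of the original posts): a Python sketch of the check described in the post above, flagging attachments that present themselves as documents but whose bytes are a Windows executable. The sample message, file names and finding names are constructed for illustration; the magic-number table covers only a few common formats.

```python
import os
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE2 = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"   # legacy Word .doc container
MAGIC = [
    (b"MZ", "executable"),          # DOS/PE header of Windows programs
    (OLE2, "document"),
    (b"PK\x03\x04", "document"),    # zip container used by .docx
    (b"%PDF", "document"),
    (b"{\\rtf", "document"),
]
EXEC_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd"}
DOC_TYPES = {"application/msword", "application/pdf", "application/rtf"}


def sniff(data):
    """Classify content by its leading bytes, ignoring name and icon."""
    for magic, kind in MAGIC:
        if data.startswith(magic):
            return kind
    return "unknown"


def audit_attachments(msg):
    """Map attachment file name -> list of reasons it looks disguised."""
    report = {}
    for part in msg.iter_attachments():
        name = part.get_filename() or "(unnamed)"
        data = part.get_payload(decode=True) or b""
        kind = sniff(data)
        reasons = []
        if kind == "executable":
            reasons.append("executable-content")
        # Trailing dots/spaces are stripped so "form.doc.exe ." still counts.
        ext = os.path.splitext(name.lower().rstrip(". "))[1]
        if ext in EXEC_EXT:
            reasons.append("executable-extension")
        if kind == "executable" and part.get_content_type() in DOC_TYPES:
            reasons.append("declared-as-document")
        if reasons:
            report[name] = reasons
    return report


def build_sample():
    """Constructed message: two disguised programs and one real .doc."""
    msg = EmailMessage()
    msg["Subject"] = "Delivery failed: please print and fax the form"
    msg["From"] = "Parcel Tracking <tracking@example.invalid>"
    msg["To"] = "recipient@example.invalid"
    msg.set_content("Print the attached form, sign it and fax it back.")
    stub = b"MZ\x90\x00" + b"\x00" * 60      # header bytes only, not a program
    msg.add_attachment(stub, maintype="application", subtype="msword",
                       filename="tracking_form.doc")
    msg.add_attachment(stub, maintype="application", subtype="octet-stream",
                       filename="customs_form.doc.exe")
    msg.add_attachment(OLE2 + b"\x00" * 56, maintype="application",
                       subtype="msword", filename="invoice.doc")
    return msg


def audit_raw(raw_bytes):
    """Audit a message as it arrives on the wire (raw RFC 5322 bytes)."""
    return audit_attachments(message_from_bytes(raw_bytes, policy=policy.default))
```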
Apollo
August 5, 2008, 4:08am

Forewarned is Forearmed
Secret
Posts: 5,422
This was sent to me, not from the sender, but from someone who thought I might like a laff.

Said to have been a serious (if we can use that word here) spam message, with all the usual signs of having been sent from our good friends in Nigeria, or somewhere similar...
    I pray that this email reaches you in the best of health. This letter may come to you as asurprise due to the fact that we have not yet met. The message could be strange but it’s real and you will realise this if you pay some attention to it. I want to notify you about it at least for the sake of your integrity.

    My name is Major Greg Boner Moyo, a direct and only remaining member of the wealthy Moyo family. I am an astronaut with the South African Air Force and on loan to the National Aeronautics and Space Administration (NASA).

    In 2003 I left earth aboard the Mars Rover, Spirit. Seven months later I arrived on Mars.Prior to departing earth, I deposited the amount of US$ 11,600,000 (Eleven million, six hundred thousand United States dollars) in four safety galvanized boxes in a European financial institution which will be disclosed to you upon your acceptance of my proposal.

    Last year, during the course of my research on Mars, I was ambushed by a group of analdwelling rebel Martians who inflicted great torturous pain upon my body with anal probes.

    After a few weeks of enduring the physical pain, they released me. As a direct result of this cruelty, I am now very ill with a ruptured uterus that has defiled all forms of medical treatment and which has been deemed to be inoperable by my Martian surgeons. I am writing this mail to you on a laptop from my hospital bed in the Martian capitol of Zhwrong.

    I now have but a few weeks to live and I am far too ill to endure the long and arduous journey back to my South Africa home. Therefore I have decided to donate the bulk of my fortune to a church or charitable organisation that will utilize this money in the manner which I shall impart to you later. In return for your assistance, I shall authorise you to keep 30% of this fund for your trouble and aggravation plus an additional 10% to cover your expenses.

    You should contact my attorney in Johannesburg immediately with your address andtelephone number and he will give you his full contact information and guidance so that we can make arrangements as soon as possible.

    Contact Barrister Richard Hardon Baloye
    Barristers & Solicitors,
    Johannesburg, South Africa
    Email:rev.georgeharris2@live.com

    Sincerely yours,
    Major Greg Boner Moyo,
    National Aeronautics and Space Administration
    Elysium Veterinary Infirmary
    Zhwrong, Mars
    Nano nano

Well, what on earth can you say about that

The Fox
August 5, 2008, 8:56am

Secret
Posts: 2,131
I think he has been overdosing on Mars bars or in Martian Bars!

Apollo
August 5, 2008, 11:21am

Forewarned is Forearmed
Secret
Posts: 5,422
I want to know:

Where did "he" get his uterus from?

What kind of internet connection was used between Earth and Mars, and can we use it?