homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam

The Geek Culture Forums


Post New Topic  New Poll  Post A Reply
my profile | directory login | | search | faq | forum home
  next oldest topic   next newest topic
» The Geek Culture Forums   » News, Reviews, Views!   » Your News!   » The Spam report (Page 1)

 - UBBFriend: Email this page to someone!  
This topic comprises 2 pages: 1  2 
 
Author Topic: The Spam report
The Famous Druid

Gold Hearted SuperFan!
Member # 1769

Member Rated:
4
Icon 1 posted December 21, 2004 00:33      Profile for The Famous Druid     Send New Private Message       Edit/Delete Post   Reply With Quote 
As you may know, I've been conducting a spam experiment, by including a 'spam trap' email address in my signature line here (and a few other places).

As expected, the email harvesting bots found it, and I've been getting a steady flow of spam in recent weeks.

What's interesting is, another email address which I've claimed for my daughter, but which has never been used, has received 3 times as much spam, clearly as a result of a dictionary search.

Yet another address, which is long and most unlikely to be found by a dictionary search, (unless the dictionary has 'teledildonics' in it) has received no spam at all.

So, the moral of the story is, if you don't want to get spam, choose an email address that's nice and long, with at least part of it being a made-up word.

--------------------
If you watch 'The History Of NASA' backwards, it's about a space agency that has no manned spaceflight capability, then does low-orbit flights, then lands on the Moon.

Posts: 10669 | From: Melbourne, Australia | Registered: Oct 2002  |  IP: Logged
csk

Member # 1941

Member Rated:
5
Icon 1 posted December 21, 2004 00:40      Profile for csk     Send New Private Message       Edit/Delete Post   Reply With Quote 
That sounds about right, actually. I've noticed my gmail address start to get hit with spam within about the last three weeks. I suspect mainly due to dictionary attacks. I was comparing with other gmail users at another site, and they all said that their spam quantities had gone up in the last few weeks. Except one, who had a very long gmail address.

--------------------
6 weeks to go!

Posts: 4455 | From: Sydney, Australia | Registered: Jan 2003  |  IP: Logged
littlefish
BlabberMouth, a Blabber Odyssey
Member # 966

Member Rated:
4
Icon 1 posted December 21, 2004 01:04      Profile for littlefish   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
My gmail is still spam free, but my pal has started getting stuff. She used to get lots of spam at [email protected] so she abandoned it and started [email protected] Now thats plumped out with offers for rolexes and [email protected]@.
Posts: 2421 | From: That London | Registered: Nov 2001  |  IP: Logged
iGottaMac
Maximum Newbie
Member # 3151

Member Rated:
5
Icon 1 posted December 21, 2004 01:53      Profile for iGottaMac   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
Cheers for the advice... as of yet, my email hasn't been hit, but then I don't think my name is the dictionary [Big Grin]

--------------------
Visit Small Apple and help support a growing Mac community!

Posts: 15 | From: UK | Registered: Dec 2004  |  IP: Logged
Mac D
BlabberMouth, the Next Generation
Member # 2926

Icon 1 posted December 21, 2004 03:50      Profile for Mac D     Send New Private Message       Edit/Delete Post   Reply With Quote 
Mine is short and still has yet to get spam. dep then 333 behind it. I doubt my initials + the 3's are in the dictionary search. If I purchase anything from the net I use my spam account (Almost the same but with an underscore and at hotmail)

--------------------
There's nothing wrong with me, This is how I'm supposed to be.

Posts: 1449 | From: Where I am is very relative to my location at that time. | Registered: Sep 2004  |  IP: Logged
drunkennewfiemidget
BlabberMouth, a Blabber Odyssey
Member # 2814

Member Rated:
4
Icon 1 posted December 21, 2004 06:20      Profile for drunkennewfiemidget     Send New Private Message       Edit/Delete Post   Reply With Quote 
My gmail address is my username at gmail dawt calm.

It's never been spammed. I'm moderately sure a dictionary attack won't find that one. [Big Grin]

Posts: 4897 | From: Cambridge, ON, Canada | Registered: Jun 2004  |  IP: Logged
Black Widow
Uber Geek
Member # 3046

Icon 1 posted December 21, 2004 06:23      Profile for Black Widow     Send New Private Message       Edit/Delete Post   Reply With Quote 
I get no spam at my gmail address. However, my yahoo account is getting overwhelmed as compared to past standards. This morning I had 11, since 10:30 last night.

They have the same name, just different domains, so it doesn't make sense that one would get hit and the other wouldn't. So I'm ruling out the dictionary hits (also because it's basically just a name and numbers).

I still don't open them, unsubscribe, or do anything other than delete them. The only problem I see is that yahoo does send undeliverable messages if the address doesn't exist, so the spammers are not getting that from me (indicating I have a good address still).

Oh well, yay for the spam filter.

Posts: 931 | From: Missouri | Registered: Oct 2004  |  IP: Logged
greycat

Member # 945

Member Rated:
5
Icon 1 posted December 21, 2004 06:29      Profile for greycat   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
My address is [email protected] and all the spammers already know it. So I don't have to do any secret handshakes, or scribble my e-mail address in lemon juice, or "encrypt" it with rot13, or any of that crap.

Here I am, mail me! (But you'll have to get past my greylisting first (to stop the worms), and if you have a known virus signature on an attachment, it'll be rejected after the DATA phase, and if spamassassin doesn't like your message, it goes into the slag pile that gets checked maybe once every few months.)

Posts: 1522 | From: Ohio, USA | Registered: Oct 2001  |  IP: Logged
drunkennewfiemidget
BlabberMouth, a Blabber Odyssey
Member # 2814

Member Rated:
4
Icon 1 posted December 21, 2004 06:34      Profile for drunkennewfiemidget     Send New Private Message       Edit/Delete Post   Reply With Quote 
I might have already yakked about how proud I am of my spam system, so feel free to ignore this post. [Wink]

The spam system on my servers I'm quite proud of. First, your message is received and the standard sender verification and spamcop checks are done, you fail, you can't even send DATA.

Then, the message is scanned by spamassassin. If it scores higher than 10, then it's rejected at SMTP time.

Then, the X-Spam-Level line is matched against your personal preferences in an sql db, and if the message scored higher than you're willing to accept, it's placed in your IMAP/webmail SPAM folder. Every day, a digest of all of your spam is e-mailed to you. All it contains is the date received, the from address, and the subject of the spam. Based on that, you can decide if you need to bother to log into your spam box and clear out old messages.

Every day all spam messages that are > 5 days old are wiped from the mailbox.

Today's digest said I got 43 spam yesterday ( [Eek!] ) to my business and domain e-mails. Doesn't surprise me in the least.

Posts: 4897 | From: Cambridge, ON, Canada | Registered: Jun 2004  |  IP: Logged
littlefish
BlabberMouth, a Blabber Odyssey
Member # 966

Member Rated:
4
Icon 1 posted December 21, 2004 06:47      Profile for littlefish   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
Interesting. Do we have some /. editors here? They have the same problem!
Posts: 2421 | From: That London | Registered: Nov 2001  |  IP: Logged
TMBWITW,PB

Member # 1734

Member Rated:
5
Icon 1 posted December 21, 2004 08:28      Profile for TMBWITW,PB     Send New Private Message       Edit/Delete Post   Reply With Quote 
Mine is beldaran (at) you-know-where (dot) com, and for some reason that is getting spam. I didn't think beldaran would show up in any dictionary; she is a fictional character from a David Eddings novel! But if anyone needs Windows software, vicodin or codeine I may know a few people who can help you. [crazy]

--------------------
"Beauty is in the eye of the beholder and it may be necessary from time to time to give a stupid or misinformed beholder a black eye."
óMiss Piggy

Posts: 4010 | From: my couch | Registered: Oct 2002  |  IP: Logged
hey-U
SuperBlabberMouth!
Member # 2128

Member Rated:
5
Icon 1 posted December 21, 2004 08:43      Profile for hey-U     Send New Private Message       Edit/Delete Post   Reply With Quote 
This post on Slashdot makes quite interesting reading, especially regarding dictionary attacks by spammers on gmail.

There's some food for thought that, as gmail is still only in beta, when it finally *does* get an official release and the spammers can get any number of official accounts, the chances are that the amount of spam received by gmail accounts will increase exponentially...

***EDIT*** Dammitall! Sorry folks, just seem LittleFish's link to the same subject. Not doing very well here just lately, am I? :-(

Posts: 1263 | From: London | Registered: Apr 2003  |  IP: Logged
greycat

Member # 945

Member Rated:
5
Icon 1 posted December 22, 2004 10:24      Profile for greycat   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
PB, famous proper names like Gandalf will show up in any good username/password "dictionary". When we use "dictionary" in this context, it doesn't necessarily mean "Webster's" or "OED". It means a list of words, preferably from as many sources as possible. A good dictionary will include things like "xyzzy" which is a famous password from one of the oldest text adventure games, as well as the names of fictional characters from movies, TV, books, etc.

Once upon a time, I ran "Crack" against the passwd file from a Unix box that I was administering, and I was pretty shocked when it guessed the root password -- which was the first "letter" (or number) of each word from a famous quotation. (No, I didn't choose the passwords.) But Crack had that password in its dictionary, so apparently someone else outside that organization had already thought of that scheme. (For obvious reasons, I won't name the organization, or say precisely what the password was, even though it's surely been changed by now.)

Posts: 1522 | From: Ohio, USA | Registered: Oct 2001  |  IP: Logged
TMBWITW,PB

Member # 1734

Member Rated:
5
Icon 1 posted December 22, 2004 10:38      Profile for TMBWITW,PB     Send New Private Message       Edit/Delete Post   Reply With Quote 
Wow. That's good to know, greycat. I didn't think Beldaran would be so popular though. She was only in the novel for all of 50 pages and a pretty minor character. I guess spammers know what they're doing.

--------------------
"Beauty is in the eye of the beholder and it may be necessary from time to time to give a stupid or misinformed beholder a black eye."
óMiss Piggy

Posts: 4010 | From: my couch | Registered: Oct 2002  |  IP: Logged
The Famous Druid

Gold Hearted SuperFan!
Member # 1769

Member Rated:
4
Icon 1 posted December 22, 2004 12:28      Profile for The Famous Druid     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by TMBWITW,PB:
Wow. That's good to know, greycat. I didn't think Beldaran would be so popular though. She was only in the novel for all of 50 pages and a pretty minor character. I guess spammers know what they're doing.

Chances are, the spammers use web-crawlers looking for email addresses, and compile a list of words they find in the process. From looking at some of the spam I've received lately, they then try all the words, plus add digits or a few random letters to the end of them. They also seem to try combinations of words, but they'd obviously have to be selective there, the sheer number of 2..4 word combinations is enormous.

--------------------
If you watch 'The History Of NASA' backwards, it's about a space agency that has no manned spaceflight capability, then does low-orbit flights, then lands on the Moon.

Posts: 10669 | From: Melbourne, Australia | Registered: Oct 2002  |  IP: Logged
drunkennewfiemidget
BlabberMouth, a Blabber Odyssey
Member # 2814

Member Rated:
4
Icon 1 posted December 22, 2004 13:20      Profile for drunkennewfiemidget     Send New Private Message       Edit/Delete Post   Reply With Quote 
But my name is simply three words put together! Why haven't they harvested it yet? [Big Grin]

From what I can tell, I am the sole owner of this nickname on the Internet for now.

Anyone else who uses it in the future, you have this message as proof, STOLE IT FROM ME! [Big Grin]

Posts: 4897 | From: Cambridge, ON, Canada | Registered: Jun 2004  |  IP: Logged
dragonman97

SuperFan!
Member # 780

Member Rated:
4
Icon 1 posted December 22, 2004 14:25      Profile for dragonman97   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
Dirty scoundrels...they've hit my Gmail...both my proper name account, and my nomme de electronique account. I hate spammers - may they suffer the wrath of AOL & Microsoft Legal, and quite possibly fates far worse than that. Perhaps if any of them get jailed, someone in 'the big house' will show them the ways of products they attest to selling...

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9331 | From: Westchester County, New York | Registered: May 2001  |  IP: Logged
Too Cool To Quit
SuperBlabberMouth!
Member # 2217

Icon 1 posted December 22, 2004 14:42      Profile for Too Cool To Quit     Send New Private Message       Edit/Delete Post   Reply With Quote 
The only spam I recieved is from Dictionary attacks. That's really amazing because my email address is everywhere. It's not accesible to spam bots on No Comment Rock Radio's website because I changed a few letters, including the @ symbol to ascii codes via markup, and did the whole j.barwick at gmail dot com so that people can see it and it's not easily readable by bots.

I get a very very slow trickle, of possibly 1 email or 2 a day that is spam.

--------------------
Alright now, that's the last straw, I'm calling the ass taxidermist to tell him to stop making hats in your size RIGHT NOW.

Posts: 1097 | From: North Carolina | Registered: May 2003  |  IP: Logged
csk

Member # 1941

Member Rated:
5
Icon 1 posted December 22, 2004 15:28      Profile for csk     Send New Private Message       Edit/Delete Post   Reply With Quote 
quote:
Originally posted by TMBWITW,PB:
Mine is beldaran (at) you-know-where (dot) com, and for some reason that is getting spam. I didn't think beldaran would show up in any dictionary

As is my pelennor. My guess is that they are simply brute forcing combinations and getting lucky for these "short" passwords.

--------------------
6 weeks to go!

Posts: 4455 | From: Sydney, Australia | Registered: Jan 2003  |  IP: Logged
Serenak

Member # 2950

Member Rated:
4
Icon 4 posted December 22, 2004 15:43      Profile for Serenak     Send New Private Message       Edit/Delete Post   Reply With Quote 
Interestingly enough out of the 6 accounts that I run live on the net I get little or no spam... And there is nothing clever about any of my account names although simonandjackie or gippingpress are fairly unlikely to crop up in many dicts... thought the web crawlers and bots would have harvested us by now though....

Since Jackie (SO for those not up with my position) tried joining a couple of MSN boards the number of "virus" and worm laden e-mails has rocketed from 0 to 6-10 a day... (within hours actually) and stayed stable since....

Of course being Mac based means I can (currently) laugh in the face of these pathetic stolen address book "is this you - see zip" events, as can (no doubt) anyone who knows what they're doing on a Wintel System

Tried the Lycos "hit back at spammers" screen saver and liked the idea a lot... Unfortunately once on it took forever to respond to a "wakeup call" so I iced it...

Anyone know much about "spam baiting"? Seen a few articles recently on it - don't think I have the time to dedicate to it myself but can see the challenge...

--------------------
"So if you want my address - it's No. 1 at the end of the bar, where I sit with the broken angels, clutching at straws and nursing my scars..."

Posts: 1936 | From: Suffolk England | Registered: Sep 2004  |  IP: Logged
dragonman97

SuperFan!
Member # 780

Member Rated:
4
Icon 1 posted December 22, 2004 15:57      Profile for dragonman97   Author's Homepage     Send New Private Message       Edit/Delete Post   Reply With Quote 
Serenak - don't get too cocky. Someone will write something to get Macs...it's only a matter of time. The saving thing is being careful about what you open, and how you open it. If you read your e-mail in plaintext, you're very likely to stay safe. HTML mail is risky business (just turning off images is not enough sometimes).

Spam-baiting can be a great way to make blacklists - track all mail received by an address that is not used by any living person, and you'll have a perfect list of what *is* unquestionally spam/UCE.

I'd say more, but I'm hungry at the moment.

--------------------
There are three things you can be sure of in life: Death, taxes, and reading about fake illnesses online...

Posts: 9331 | From: Westchester County, New York | Registered: May 2001  |  IP: Logged
Serenak

Member # 2950

Member Rated:
4
Icon 1 posted December 22, 2004 16:58      Profile for Serenak     Send New Private Message       Edit/Delete Post   Reply With Quote 
Hey DMan,

that is why I said "currently"...

Yes Linux, BSD, OS X, etc. are:

1) Possibly more inherently secure (I aint no programmer/coder/scripter so I don't know)

2) More secure by "obscurity" i.e. lack of market share

I'm not out to "dis" anyone here - just saying that the huge number of "viral/worm/trojan" loaded stolen address book e-mails that currently hit my mailboxes are based on exploits to Windows integration strategy (and that they can't execute on my non Windows OS).

Actually I think it is sad that one of the best ideas MS ever tried to implement (i.e. desktop integration) has been exploited to make their OS the least secure mainstream out there.

Yes I am a Mac Evangelist... I think Macs kick other systems into oblivion (IMHO and I'm entitled to it) but I am not a zealot, fanatic, etc.

But I am aware that if Mac OS or whatever was market leader it would get the most attacks...

I am not smug, I run firewalls, AV (OK, currently a bit of a timewaster on Mac) </smug> [Smile]
Well OK let's say "schnadenfraude" then... (is that how you spell that?)

Listen, spammers suck, virus writers suck, spyware writers.... you get my drift....

Personally - I loathe Windows, to me it is a 3rd rate copy of a variety of better operating systems with a garish GUI -but that isn't the point here. I hate Windows and I have no liking for Microsoft at all..

But unlike many I don't hold some burning hatred of Bill Gates... In fact I have a deep respect for his business acumen... And in that "who would you most like to invite to dinner" game he comes nearly at the top of my list (along with Leonardo Da Vinci, Isaac Newton, Shakespeare, Henry II, Load smore, Steve Jobs, etc.)

--------------------
"So if you want my address - it's No. 1 at the end of the bar, where I sit with the broken angels, clutching at straws and nursing my scars..."

Posts: 1936 | From: Suffolk England | Registered: Sep 2004  |  IP: Logged
Luke Skywalker
Assimilated
Member # 3096

Member Rated:
3
Icon 1 posted December 22, 2004 18:51      Profile for Luke Skywalker     Send New Private Message       Edit/Delete Post   Reply With Quote 
My gmail hasnt gotten any spam. but then its not listed anywhere, while my hotmail, which along with my gmail is rarly used and not posted, gets a small amount.

My yahoo, which is plastered everywhere though, and is my oldest one, stays at about a constant level of 1000 ( it has week=delete on it), but lately its been dropping.

--------------------
Use the Force, Luke.

Posts: 406 | From: The Line Between Time and Space | Registered: Nov 2004  |  IP: Logged
TMBWITW,PB

Member # 1734

Member Rated:
5
Icon 1 posted December 22, 2004 19:08      Profile for TMBWITW,PB     Send New Private Message       Edit/Delete Post   Reply With Quote 
Speaking of Gmail, I just got 6 new invites. If anyone wants one you know the drill. p/m me with a name and e-mail address!

--------------------
"Beauty is in the eye of the beholder and it may be necessary from time to time to give a stupid or misinformed beholder a black eye."
óMiss Piggy

Posts: 4010 | From: my couch | Registered: Oct 2002  |  IP: Logged
drunkennewfiemidget
BlabberMouth, a Blabber Odyssey
Member # 2814

Member Rated:
4
Icon 1 posted December 23, 2004 06:26      Profile for drunkennewfiemidget     Send New Private Message       Edit/Delete Post   Reply With Quote 
Yea, it seems gmail's gone on another 'hand out tonnes of invites' mission. I have 4 invites, and my gf has 10.
Posts: 4897 | From: Cambridge, ON, Canada | Registered: Jun 2004  |  IP: Logged


All times are Eastern Time
This topic comprises 2 pages: 1  2 
 
Post New Topic  New Poll  Post A Reply Close Topic    Move Topic    Delete Topic next oldest topic   next newest topic
 - Printer-friendly view of this topic
Hop To:

Contact Us | Geek Culture Home Page

© 2015 Geek Culture

Powered by Infopop Corporation
UBB.classicTM 6.4.0



homeGeek CultureWebstoreeCards!Forums!Joy of Tech!AY2K!webcam