Speculation on Spam - Tactical perspective

tw · 06-05-2002, 03:19 PM

How did they get your e-mail address? A most common way was to troll newgroups. Another was to troll Whois sites for web masters e-mail addresses. Master databases that connected real names and addresses to e-mail addresses was another. Breaking into POP or SMTP servers was an early and aggressive tactic. Even worse, legitamate companies would sell their lists of e-mail addresses. Those were the early methods.

Spammers don't include valid e-mail return addresses. Best to not have the public know where spam comes from. Therefore they don't know which e-mail has invalid addresses. How to verify good addresses?

One trick was to include a hyperlink said to remove you from the their mailing list. In reality, you are only telling the spammer that your e-mail address indeed connects to a real person.

Viruses are a common method of stealing addresses. Many of those viruses really don't attack your system. Instead they send every e-mail address in your address book to a computer in Zambia or St Petersburg. However not all addresses are accurate. A spamming list with more valid addresses can be sold at greater profit. Therefore some method must be made available to confirm valid addresses. After all, some are getting so many spam e-mails that they must change addresses frequently.

I have some e-mail POPs that have never been used except to communicate with companies. Others that have only been used for inter-personal e-mail. And still spammers have found all those addresses. In one case, a friend sent me and 30 other friends some e-mail. One of those other e-mail boxes had 30 valid e-mail addresses for any virus to find and retransmit to an Israeli or Nigerian server.

Another trick may be to send spam mail with graphics. For example, every e-mail includes a request to download a graphic on your mail display. Simply embed a code number in each graphic URL that is unique to the original e-mail address. Every time you open a spam letter, the letter requests a *.GIF file from their server AND tells them whose e-mail requested the graphic. Now they know your e-mail address is good without putting a valid return e-mail address on their spam. You have confirmed that your e-mail address is valid.

Stifle this technique by going off-line before opening e-mail. Then the e-mail GIF URL does not connect to their server - does not confirm the existence of a real person at that address.

Just some speculation on how spam has become more prolific and why you ain't seen nothing yet. 50 or 100 spams per day are not unreasonable IF we are not empowered to make a spammer's livelyhood difficult. They don't have the right to send us advertisments on media they did not pay for. They have the right of free speech. But they also have responsiblity to pay for the media used to exercise that right. Free speech is a right but does not mean on anyone else's media. Owning the media is where rights meet responsiblity. We should have the right to hold others to their responsiblities - so that they don't violate our rights of privacy and peace. Laws still don't protect our rights against spam on media we pay for.

elSicomoro · 06-05-2002, 09:32 PM

Having been on several ISP's, the spam I get tends to start coming in droves after I start posting to ng's.

Earthlink has the "spaminator," which does a decent job of catching a lot of the spam that hits my accounts. Granted, I still get a ton of it, but I would have that much more without the spaminator.

As a food product, Spam is delicious.

MaggieL · 06-05-2002, 10:12 PM

SpamAssassin rocks.

http://www.spamassassin.org

verbatim · 06-05-2002, 10:13 PM

I have an @aol.com email address, but I mainly use instant messager. The cause of most is the profile. Put something in it, you start getting spam. Make it empty, no more spam. And its a very tolerable amount, maybe 3 or 4 pieces a day. Ive had it for almost 5 years now (pitiful, yes I know).

I also have an @excite.com email address. Ive had it for 2 years. I use it to sign up for all those internet services, like no-ip.org, registration, and when you are forced to give it out. Guess how much spam I get. None. Not a single bit. Never.

Its so weird, because when you guys talk about how much spam you get, my run-ins with it have been forgettable, even at their worst. I gues im just lucky

Nic Name · 06-05-2002, 10:25 PM

In my experience the worst spam attractors are Hotmail, with its pre-selected opt in check box to share your email address freely and Network Solutions Whois registry. All domain registrations should use specific email addresses that can serve as spam-baskets.

That said, Hotmail is a nice spam basket especially with the new filters that moves everything to Junk Folder with maximum privacy settings.

In the early years, when NetSol had the monopoly on domain registrations, they wouldn't accept a Hotmail address for the Domain Name Administrator. Even today, using Hotmail in the Whois could be a hassle, if you lost your Hotmail address in their new purging program.

juju · 06-05-2002, 11:51 PM

They can also just guess your e-mail address.

You know those programs people use to dictionary-attack your passwords? Well, now spammers use similar ones to 'dictionary-attack' e-mail addresses.

I can always tell if they've used this technique, because the spam will have been send to juju1@foo.com, juju45@foo.com, juju1112@foo.com, etc.

With this technique, you never have to give your e-mail address out to <i>anyone</i>, and you'll <i>still</i> get spam.

06-05-2002, 03:19 PM	#1
tw Read? I only know how to write. Join Date: Jan 2001 Posts: 11,933	Speculation on Spam - Tactical perspective How did they get your e-mail address? A most common way was to troll newgroups. Another was to troll Whois sites for web masters e-mail addresses. Master databases that connected real names and addresses to e-mail addresses was another. Breaking into POP or SMTP servers was an early and aggressive tactic. Even worse, legitamate companies would sell their lists of e-mail addresses. Those were the early methods. Spammers don't include valid e-mail return addresses. Best to not have the public know where spam comes from. Therefore they don't know which e-mail has invalid addresses. How to verify good addresses? One trick was to include a hyperlink said to remove you from the their mailing list. In reality, you are only telling the spammer that your e-mail address indeed connects to a real person. Viruses are a common method of stealing addresses. Many of those viruses really don't attack your system. Instead they send every e-mail address in your address book to a computer in Zambia or St Petersburg. However not all addresses are accurate. A spamming list with more valid addresses can be sold at greater profit. Therefore some method must be made available to confirm valid addresses. After all, some are getting so many spam e-mails that they must change addresses frequently. I have some e-mail POPs that have never been used except to communicate with companies. Others that have only been used for inter-personal e-mail. And still spammers have found all those addresses. In one case, a friend sent me and 30 other friends some e-mail. One of those other e-mail boxes had 30 valid e-mail addresses for any virus to find and retransmit to an Israeli or Nigerian server. Another trick may be to send spam mail with graphics. For example, every e-mail includes a request to download a graphic on your mail display. Simply embed a code number in each graphic URL that is unique to the original e-mail address. Every time you open a spam letter, the letter requests a *.GIF file from their server AND tells them whose e-mail requested the graphic. Now they know your e-mail address is good without putting a valid return e-mail address on their spam. You have confirmed that your e-mail address is valid. Stifle this technique by going off-line before opening e-mail. Then the e-mail GIF URL does not connect to their server - does not confirm the existence of a real person at that address. Just some speculation on how spam has become more prolific and why you ain't seen nothing yet. 50 or 100 spams per day are not unreasonable IF we are not empowered to make a spammer's livelyhood difficult. They don't have the right to send us advertisments on media they did not pay for. They have the right of free speech. But they also have responsiblity to pay for the media used to exercise that right. Free speech is a right but does not mean on anyone else's media. Owning the media is where rights meet responsiblity. We should have the right to hold others to their responsiblities - so that they don't violate our rights of privacy and peace. Laws still don't protect our rights against spam on media we pay for.

06-05-2002, 10:12 PM	#3
MaggieL in the Hour of Scampering Join Date: Jan 2001 Location: Jeffersonville PA (15 mi NW of Philadelphia) Posts: 4,060	SpamAssassin rocks. http://www.spamassassin.org __________________ "Neither can his Mind be thought to be in Tune,whose words do jarre; nor his reason In frame, whose sentence is preposterous..."

06-05-2002, 10:13 PM	#4
verbatim Vice-President of Resentment Join Date: Jun 2001 Location: Pennsultucky Posts: 199	I have an @aol.com email address, but I mainly use instant messager. The cause of most is the profile. Put something in it, you start getting spam. Make it empty, no more spam. And its a very tolerable amount, maybe 3 or 4 pieces a day. Ive had it for almost 5 years now (pitiful, yes I know). I also have an @excite.com email address. Ive had it for 2 years. I use it to sign up for all those internet services, like no-ip.org, registration, and when you are forced to give it out. Guess how much spam I get. None. Not a single bit. Never. Its so weird, because when you guys talk about how much spam you get, my run-ins with it have been forgettable, even at their worst. I gues im just lucky __________________ <-- I'm with stupid

06-05-2002, 11:51 PM	#6
juju no one of consequence Join Date: Jun 2001 Location: Arkansas Posts: 2,839	They can also just guess your e-mail address. You know those programs people use to dictionary-attack your passwords? Well, now spammers use similar ones to 'dictionary-attack' e-mail addresses. I can always tell if they've used this technique, because the spam will have been send to juju1@foo.com, juju45@foo.com, juju1112@foo.com, etc. With this technique, you never have to give your e-mail address out to <i>anyone</i>, and you'll <i>still</i> get spam. Last edited by juju; 06-05-2002 at 11:55 PM.

06-05-2002, 09:32 PM	#2
elSicomoro Person who doesn't update the user title Join Date: Jan 2001 Posts: 12,486	Having been on several ISP's, the spam I get tends to start coming in droves after I start posting to ng's. Earthlink has the "spaminator," which does a decent job of catching a lot of the spam that hits my accounts. Granted, I still get a ton of it, but I would have that much more without the spaminator. As a food product, Spam is delicious.

06-05-2002, 10:25 PM	#5
Nic Name retired Join Date: Dec 2001 Location: Toronto, Canada Posts: 1,930	In my experience the worst spam attractors are Hotmail, with its pre-selected opt in check box to share your email address freely and Network Solutions Whois registry. All domain registrations should use specific email addresses that can serve as spam-baskets. That said, Hotmail is a nice spam basket especially with the new filters that moves everything to Junk Folder with maximum privacy settings. In the early years, when NetSol had the monopoly on domain registrations, they wouldn't accept a Hotmail address for the Domain Name Administrator. Even today, using Hotmail in the Whois could be a hassle, if you lost your Hotmail address in their new purging program.

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)