Above The Law

Yahoo Pulse Blog – A Good Hosting Tool for Spammers

Friday, July 23rd, 2010

Yahoo has apparently found yet another way to assist spammers.

As if longstanding abuses of Yahoo Groups weren’t enough for the spammed masses to suffer though, their blog site, Yahoo Pulse, is now making life easier and more productive for spammers as well.

The latest emails being spewed throughout the Internet have long and convoluted Subject lines (in an attempt to evade spam filtering) that allude to online sales of medications, such as:

Subject:   extraordinary tablets tendered for superb way of life
Subject:   supplying exceptional capsule brands for lots of years
Subject:   web outlet tremendously suggested for pills purchases

Microsoft, itself a massive spam-enabler, is sending the vast majority of these emails (if not all of them) through hijacked Hotmail accounts abusing it’s mail servers. While the From addresses may or may not be legitimate Hotmail accounts:

From:     Boyd Owenby <boydowenbykac@hotmail.com>
From:     Stroum Elliff <estroumuel@hotmail.com>
From:     Elphonte Stutz <stutzelphoduec@hotmail.com>

The actual sending mails servers most certainly are Microsoft’s:

from col0-omc4-s15.col0.hotmail.com (65.55.34.217)
from col0-omc3-s9.col0.hotmail.com (65.55.34.147)
from snt0-omc1-s27.snt0.hotmail.com ([65.55.90.38])

(more…)

Bookmark and Share

Tags: , ,
Posted in Above The Law, Spam Tactics | No Comments »

Yahoo Groups Spam

Tuesday, July 13th, 2010

While the dominant Internet email providers (Hotmail, MSN, AOL, Gmail & Yahoo) frequently talk about their commitment to fighting spam, they are actually amazingly inattentive to the rampant spam abuses allowed and enabled by their own systems.

We only occasionally point out examples of how sloppy, permissive and ineffectual these firms are in regards to spam, because thoroughly documenting the spam faults of these enterprises would be a full time job in and of itself.

That said, from time to time the abuses are just so obvious (easy to spot and catch) rampant and perpetual that we can’t help but wonder if they even deploy more than 2 or 3 high-school summer interns to their entire anti-abuse efforts.

We realize that they do all expend effort on filtering inbound spam emails from reaching their own users.  Where they are apparently asleep at the wheel is in preventing their systems from being abused by spammers to send out emails and/or to host spam landing pages.

The latest example of such unchecked abuse is the spammers using Yahoo Groups to host and promote online sales of spammed pharmaceuticals (or at least brightly colored pills claiming to be the real thing).

(more…)

Bookmark and Share

Tags: ,
Posted in Above The Law, Message Control, Spam Tactics | No Comments »

What Bank of America Doesn’t Want You To Know

Tuesday, June 15th, 2010

Apparently Bank of America doesn’t want the public to know specific details about all of the various Phishing campaigns that are active on the Internet and that target Bank of America customers.

In a real “BP-ish” management response….  within 24 hours of our last posting Bank Of America Alert: Your Account Has Been Locked – Phish we received a suggestively threatening email from them, which was ALSO sent to one of our collocation providers, and additionally to our Domains by Proxy administrator address, that says, in part:

We have now detected a website, or a redirect to a website, hosted on your network that purports to be a Bank of America or a Bank of America affiliate* website.  The referenced site(s) uses the Marks, leading visitors to believe it is a website sponsored or endorsed by Bank of America or a Bank of America affiliate* while no such sponsorship or endorsement actually exists.

Technically, of course, by way of our displaying and explaining how Phishing attempts are executed it can be argued that we are displaying some of their “Marks” (we assume they mean Trademark content) on our blog site.

(more…)

Bookmark and Share

Tags:
Posted in Above The Law, Phishing Lessons, The Lighter Side | No Comments »

Google Docs Hosts Viagra Spam

Thursday, June 10th, 2010

We’ve certainly seen a lot of spam come out of the Google mail servers in the past, and now we’re seeing even more spam content hosted by the popular Goggle Docs applications as well.

Emails typically have simple subject lines, with intentional misspellings used as an attempt to evade spam filtering.

Examples include:

  • Subject:      We ship direc7 to you
  • Subject:      From Canada4t5 you
  • Subject:      all medic6tions ar3 on S3le
  • Subject:      ricrac7 sue
  • Subject:      See 2uge dis64unts now

The content of the spam emails usually contain not much more than a link to Google Docs or Google Sites with perhaps some added random characters, again in hopes of getting past spam filters. Messages look like:

KL120es85B3cLEWHiHA32G8Q2u8pc42

https://doc.google.com/edit?id=dczqmmds_28gbn5h7d2

and,

KAcKi8oUgAi7nOxu86uvm8Yegaf0Er4E1GzI1eUQPra53IT0l1FIEusa2Y

https://doc.google.com/edit?id=dcqttkwh_29hnhttjgj

Get your Discoun8ed med8cations with us

and,

Canad1an medications are cheaper

https://doc.google.com/View?id=dhq46zh9_29fdpzxfg7

and,

http://sites.google.com/site/fov09xnm2ka/jled4t

and

M8AK5QV7U3euzODtOjku62D42M6ypV0y8UOoL1aB02yt7e3820Orv6x

https://doc.google.com/edit?id=dpzh7dd_31cbrv9kf5

Stop by and 8ave

Each of these “Google Doc” sites load simple pages that actually contain the “Spam” payload, primarily pushing Viagra, Cialis and other ED medications.

The Google hosted spam pages themselves are pretty boring in content as each is only intended to redirect the spammed recipient to the actual web sites that are selling the products.

(more…)

Bookmark and Share

Tags: , ,
Posted in Above The Law, Spam Tactics | No Comments »

Your 2010 Credit Score – CreditReport.com Spam

Monday, April 12th, 2010

Nowadays, “legitimate businesses” typically don’t send out too much blatant spam themselves. When they do send email solicitations, they’ll usually have some legitimate rational for initiating the contact. Perhaps you’ve done business with them in the past or you forgot to opt out of their direct marketing lists.

But, when it comes to pure junk email, they can always rely on “affiliates” or “marketing partners” to do the dirty work for them.

Case in point, this bogus piece of junk sent on behalf of CreditReport.com:

(more…)

Bookmark and Share

Posted in Above The Law, Spam Tactics | No Comments »

Would Sears Abuse Your Email Address?

Monday, January 11th, 2010

While in the thrall of the Holiday Spirit, one of our staff members went out on a limb and joined the Sears Craftsman Club. “How bad could it be?” he thought. “Surely Sears wouldn’t abuse my trust in giving them my email address.  If there’s a problem, I’ll just unsubscribe and it’ll be over.”

Five unsubscribe requests later he’s still getting unwanted email from Sears.

(more…)

Bookmark and Share

Tags:
Posted in Above The Law | 1 Comment »