Posts Tagged ‘spam’

How To Stop Unwanted Emails From Reaching Your Inbox

Thursday, July 29th, 2010

There are really only two ways to keep spam out of your in-box:

Prevention — This is at best only partially effective and requires a fresh and un-spammed email address. However, if you do start with a new address prevention can seem downright miraculous.
Filtering — Also not perfect but a good spam filtering service should remove more then 99% of the messages you don’t want. The thing to watch out for in filtering is false positives. (False positives are messages that should have been delivered but were blocked instead.) Blocking spam is easy, the hard part is not blocking the good messages.

(Actually, there is a third way but we’re assuming you don’t want to give up email altogether.)

These approaches are not mutually exclusive. In fact the most effective spam filtering comes from a combination of both. This means that, even if you have a good spam filtering service, it still helps if you take preventative measures. Relying on your filtering service to take care of everything is like asking asking your doctor to keep you healthy when you have a lousy diet and fail to exercise.

Don’t Encourage Them

First and foremost, spam exists because it works. If a spammer sends out millions of emails enough people will respond to make it worthwhile. Don’t be one of them.

(more…)

Tags: anti-virus, spam
Posted in All About Email, Message Control | No Comments »

Old Fashioned Advice For Avoiding Spam Email

Wednesday, July 14th, 2010

If you don’t respect your online identity, nobody else will and before long your in-box will rot and fall off. At least that’s what our mother told us. She also told us to eat our vegetables that we’d go blind if we forwarded email to ourselves.

We usually take what Mom says with a grain of salt.

However, it is true that if you start with a clean (as in “never been used”) address you can keep your in-box mostly spam free for a long time using basic email address hygiene.

Disclaimer: The tips that follow do not help to avoid dictionary campaigns which is why we say mostly spam free. Choosing a longer and/or more obscure address can help with this and an occasional spam from a dictionary campaign is not a big problem as long as you don’t open it, don’t reply and delete it right away.

Prevent Email Spam

The best way to prevent email spam is to keep your email address out of the hands of spammers. In order to do this you have to take precautions to ensure both safe web surfing and safe emailing. We’re sure your mother already warned you about the ways of the Internet too, but in case she didn’t, this is probably what she would say.

1. Be Modest With Your Email Address

You may think it’s cool to bare your email address in public but it can only lead to trouble. The web is crawling with address collectors (also known as harvesters) that just want to get into your in-box. Given the chance they will grab your address and have their way with it.

Cover your email address in public by using obfuscation. Instead of showing off your entire address at social networking sites just hint at it like this:

myaddress AT mydomain DOT com

Anybody that’s worth knowing will understand and you won’t get anywhere near as much attention from undesirables.

If you have a web site of your own you should avoid exposing links to your email address. It is possible to have address links on your site but you have to be careful to hide them from address collectors using a tool like the OnlyMyEmail Encoder.

2. Giving It Away Is Asking For Spam

Promiscuity is dangerous. Everybody wants your email address and most of them have bad intentions. This includes banks, grocery stores, magazines, warranty cards, job applications and especially web sites. They may seem nice but you never know if they’ll spam you or who they’re going to sell the information to.

If you must give an email address to a web site of questionable repute you need protection. Use a disposable email address and cast it aside like a used condom when you’re done.

3. Practice Safe Surfing

Make sure you have up to date anti-virus software with you at all times. You never know when you might need protection. The Internet is full of nasty viruses and malware and current AV software is your best defense against STDs (Sneaky Trojan Downloads).

Lack of money is no excuse. Many anti-virus clinics will provide you with free prophylactic software. Here are a couple of our favorites:

Remember, safe surfing not only protects you, it protects your friends. One virus can infect everyone in your address book. Using prophylactic software also protects you from your friends. Do you really know how careful they are?

4. Be Discrete About Your Partners

If you do engage in email intercourse, don’t let the whole world know who you’ve been emailing with. Learn to use Blind Carbon Copy (Bcc) to make sure you don’t give away your friends’ addresses and encourage your friends to do the same for you.

Do you really want everyone you email with to know about everyone else you email with? Think of your reputation! You’ll feel better knowing that by using Bcc you’re maintaining your privacy and keeping your affairs to yourself.

5. Avoid Strangers With Cheap Pills

Strangers will try to get you to their web sites by enticing you with cheap ED pills, easy diets, cheap watches and porn. Once they get you there they’ll abuse your privacy at best and probably steal your money and infect you with STDs.

It’s much better to ignore offers from strangers entirely and not give them the chance to trick you. Never reply to spam emails and if you can, delete them without opening them. If you do open them, never click on the links inside.

Your Email Address Is Precious

If you value your privacy you will heed the advice above. Take good care of your address and you will be able to enjoy it for a long time. On the other hand, if you lose your innocence you will never be able to get it back. Your address will become jaded and used; passed from spammer to spammer like a worn out penny. Just another victim of spam.

Tags: anti-virus, email, funny, humor, malware, spam, viruses
Posted in All About Email, Message Control, Spam Tactics | No Comments »

Dictionary Attack Spam

Monday, July 5th, 2010

The term “dictionary attack” usually refers to a method for finding a password by trying a limited (but still very large) set of passwords to see if any of them work. In the spam lexicon it means doing the same thing with email addresses.

How do they do it?

Spammers generally don’t hand write spam messages (any that do are probably not very successful). They use computers. The software they use to generate bulk e-mailings can also vary parts of the message and the most basic variable in a spam campaign is the “To:” address.

Normally, the spammer will feed the software a list of addresses purchased from another spammer or accumulated by an address harvester. A dictionary attack uses all of the terms in a dictionary combined with a domain name (or several) to generate an address list.

Why use a dictionary?

By now you might be thinking “My email address is my name and my name’s not in the dictionary so I’m safe.”

Don’t bet on it.

(more…)

Tags: spam
Posted in All About Email, Spam Tactics | No Comments »

Your Amazon.com Order – Malware!

Thursday, June 24th, 2010

Another high volume campaign spoofing Amazon email receipts that arrive:

Subject: Your Amazon.com Order (D17-3394363-2558346)
From: ”Amazon.com” <digital-no-reply@amazon.com>

Notice that these email arrive from hijacked zombie PC’s from across the globe and the “Order” number in the subject is randomized in an attempt to evade spam filtering.

The message itself is well designed, using actual Amazon graphics, and the Order numbers and purported sales amounts are both randomized as well:

Click for Larger Image

(more…)

Tags: spam, spoofing, virus, zombie
Posted in Spam Tactics | No Comments »

Google Docs Hosts Viagra Spam

Thursday, June 10th, 2010

We’ve certainly seen a lot of spam come out of the Google mail servers in the past, and now we’re seeing even more spam content hosted by the popular Goggle Docs applications as well.

Emails typically have simple subject lines, with intentional misspellings used as an attempt to evade spam filtering.

Examples include:

Subject: We ship direc7 to you
Subject: From Canada4t5 you
Subject: all medic6tions ar3 on S3le
Subject: ricrac7 sue
Subject: See 2uge dis64unts now

The content of the spam emails usually contain not much more than a link to Google Docs or Google Sites with perhaps some added random characters, again in hopes of getting past spam filters. Messages look like:

KL120es85B3cLEWHiHA32G8Q2u8pc42

https://doc.google.com/edit?id=dczqmmds_28gbn5h7d2

and,

KAcKi8oUgAi7nOxu86uvm8Yegaf0Er4E1GzI1eUQPra53IT0l1FIEusa2Y

https://doc.google.com/edit?id=dcqttkwh_29hnhttjgj

Get your Discoun8ed med8cations with us

and,

Canad1an medications are cheaper

https://doc.google.com/View?id=dhq46zh9_29fdpzxfg7

and,

http://sites.google.com/site/fov09xnm2ka/jled4t

and

M8AK5QV7U3euzODtOjku62D42M6ypV0y8UOoL1aB02yt7e3820Orv6x

https://doc.google.com/edit?id=dpzh7dd_31cbrv9kf5

Stop by and 8ave

Each of these “Google Doc” sites load simple pages that actually contain the “Spam” payload, primarily pushing Viagra, Cialis and other ED medications.

The Google hosted spam pages themselves are pretty boring in content as each is only intended to redirect the spammed recipient to the actual web sites that are selling the products.

(more…)

Tags: hosting, spam, viagra
Posted in Above The Law, Spam Tactics | No Comments »

High Quality Spam

Monday, May 24th, 2010

Looked at as art, most spam is the email equivalent of a two year old scribbling with a crayon. Every once in a while, though, we see something outstanding. In this post we’re going to give a shout out to a spammer who obviously cares about their work.

We grabbed a few examples of this campaign and most of them have fairly innocuous subjects that might be likely to get you to open the message like:

You have new ticket

Your payment has been done

Tracking confirmation

Oddly there were a few obviously spammy ones like:

The best way to please her

Maybe they were trying to make sure they got the people who like to open spam messages too?

This campaign is sent though AOL.com servers, which simply goes to prove that no matter what the big “webmail” firms claim about their commitment to preventing spam, they’re easily and consistently exploited day in and day out. The four above all connected from different AOL servers:

imr-ma03.mx.aol.com ([64.12.206.41])
imr-ma04.mx.aol.com ([64.12.206.42])
imr-da05.mx.aol.com ([205.188.105.147])
imr-ma06.mx.aol.com ([64.12.78.142])

And all of them originated on different Webmail servers too:

webmail-d082.sysops.aol.com (205.188.181.108)
webmail-m110.sysops.aol.com (64.12.232.218)
webmail-d037.sysops.aol.com (205.188.181.88)
webmail-m053.sysops.aol.com (64.12.140.163)

We could go on down the line, but the point is that the spammer in question easily hacks and abuses AOL accounts with impunity.

(more…)

Tags: aol, botnet, spam, zombie
Posted in Spam Tactics, The Lighter Side | No Comments »

Remove Me

Friday, April 16th, 2010

Today’s “Lighter Side” post is about what happens when you “unsubscribe” from spam. Rather than providing opt-out links for your convenience, spammers have an ulterior motive for providing what appears to be a legitimate “removal” option that has nothing to do with the CAN-SPAM Act.

You should be really careful about unsubscribe attempts.

Here’s why: (more…)

Tags: funny, humor, remove, spam, unsubscribe
Posted in Spam Tactics, The Lighter Side | No Comments »

2009: A Boring Year In Spam

Thursday, February 25th, 2010

Well 2009 is history, we know, we can’t believe it’s almost March already either. While previous years have been marked by either large increases in spam traffic, or sometimes a decrease followed by an increase, 2009 was pretty bland.

After the jump we’ve got some graphs and commentary from 2009.

(more…)

Tags: spam, stats
Posted in Spam-Stats | No Comments »

Spam Detection Rates, What the Numbers Don’t Tell You

Tuesday, February 9th, 2010

Anyone who has looked for an email anti-spam solution is probably familiar with spam capture rate statistics. You’ve no doubt seen claims such as “Blocks 99.9% of spam” but what the capture rate doesn’t tell you is going to prove even more important to your overall filtering satisfaction.

While some spam campaigns are innovative and can be difficult for various filtering systems to catch, stopping most spam email is not too difficult. The real challenge is NOT filtering the good mail that end users want to receive in the process.

A spam filter’s claimed capture rate means nothing if you do not know their false-positive rate. False positives are good emails caught by the filters and marked as spam. A great capture rate will not be acceptable to the end-user if it comes with a high false-positive rate. The cost of lost opportunities and delayed responses to legitimate mail will exceed the benefit provided by the blocking of spam.

(more…)

Tags: capture rate, forging, spam, spoofing
Posted in Spam Tactics, Spam-Stats | No Comments »